By Ionut Arghire on January 03, 2018
The malware is now employing an injection method that appears to be a new variant of a technique previously employed by the Flokibot PoS malware. With LockPoS distributed from the Flokibot botnet, and with the two threats sharing similarities, this doesn’t come as a surprise.
One of the injection techniques employed by LockPoS involves creating a section object in the kernel, calling a function to map a view of that section into another process, then copying code into the section and creating a remote thread to execute the mapped code, Cyberbit says.
Full Article.
Take a look at the best antivirus, anti-malware, anti-spy, etc. software
Powered by WPeMatico