Categories: Hacks, Malware, Vulnerabilities, Web Security

Comments (3)

  1. M. Smoot
    2

    Good Morning Tom, nice write up. Noticed however that your article notes, “The attack works against fully patched Windows 10 and previous Windows versions, Flashpoint said.” Can you point me to where this ref was taken from? I reviewed the Flashpoint hyperlink (Jan 26) you listed and it only makes ref to Win 7. Thanks!

    Reply
  2. Justin
    3

    Question. This:
    “Here Dridex executes commands that copies the recdisc[.]exe binary from Windows\System32\recdisc[.]exe and loads it into a new directory it creates called Windows\System32\6886.”

    In order to create the new directory and copy itself within the Windows directory, it would need elevated privilages. Does the infection require initial elevation by the user?

    Reply

Leave A Comment

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>