Dogrobot Malware Penetrates System Restore on Windows

GENEVA —  Cyber crime gangs in China are penetrating the hard disk recovery cards on computers in Internet cafes and using a combination of zero-day flaws, rootkits and ARP spoofing techniques to steal billions of dollars worth of online gaming credentials.
According to Microsoft anti-virus researcher Chun Feng, five generations of the Win32/Dogrobot malware family have perfected the novel rootkit technique to hijack System Restore on Windows — effectively allowing the malicious file to survive even after the compromised machine is reverted to its previous clean state.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.