Mastodon for

👁 found in digitally signed products sold to banks, pharmaceutical manufacturers, and energy companies by NetSarang, Inc. Suspicious DNS queries yielded the discovery. 🔐

Are you watching your network traffic? 🤔



"The backdoored module does not use any external servers as C&Cs: it uses the M.E.Doc software’s regular update check requests to the official M.E.Doc server[.]ua. The only difference from a legitimate request is that the backdoored code sends the collected information in cookies."
#backdoor #malware #petya