Malware replacing PRNG in memory
Jim Cheetham
jim at gonzul.net
Thu Oct 3 21:20:43 BST 2019
https://securelist.com/compfun-successor-reductor/93633/
An interesting disassembly of a new malware strain, which amongst other
tricks alters the PRNG functions of the Firefox and Chrome browsers, so it
can use them as an additional covert comms channel.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ourshack.com/pipermail/discuss/attachments/20191004/204044cc/attachment.html>
More information about the Discuss
mailing list