Nodersok runs on node.exe, WinDivert; disables Windows Defender Antivirus. Microsoft’s threat team has flagged an unusual flavour of malware, which is using a rare combination of techniques to fly under the radar of endpoint detection tools. The campaign uses “two unusual legitimate tools” to run on infected machines, then relies on an “elusive network infrastructure” to turn them into zombie proxies.
Accessed information includes delivery addresses, license numbers, names, phone numbers and more. Food delivery service DoorDash disclosed a data breach that affects almost 5 million customers, drivers and merchants using its platform. DoorDash, an on-demand food delivery service, connects end users with local restaurants and relies on contracted drivers who use their own vehicles for delivery, also known as “Dashers.” The company said on Thursday that users who joined its app-based service on or before April 5, 2018 are impacted – totaling 4.9 million consumers, restaurants who operated through the service, and “Dashers.”
People who have fallen victim to FortuneCrypt, Yatron, WannaCryFake or Avest ransomware should now be able to retrieve their encrypted files without giving in to the extortion demands of cyber attackers. Three of the decryption tools have been released for free as part of No More Ransom, a joint initiative by tech security companies and law enforcement that is designed to help businesses and consumers in the fight against cybercrime.
Fileless threat leverages widely used Node.js framework and WinDivert packet-capture utility to turn infected machines into proxies for malicious behavior. New malware identified by Microsoft and Cisco Talos has affected thousands of PCs in the United States and Europe and turns systems into proxies for performing malicious activity, the companies said.