๐ New Banking Trojan Uses PowerShell to Alter Internet Explorer Proxy Settings
๐ก Newskategorie: IT Security
๐ Quelle: news.softpedia.com
There is a new banking trojan going around that uses Microsoft PowerShell to alter a computer's local proxy settings in order to redirect users to the wrong server when trying to access a banking portal. Banking trojans have hijacked computer proxy settings for years. This is how some of them operate. The difference is that they used local PAC (Proxy Auto-Config) files to achieve this, which they silently installed on infected hosts. Security researchers from Kaspersky Lab say they've now detected a new trojan, which they named Trojan-Proxy.PowerShell.Agent.a, that uses PowerShell, a task automation utility included by Microsoft with its Windows OS, which was recently open-sourced for both Linux and Mac. Trojan delivered as PIF files in spam email attachments This particular banking trojan... ...