KeyBoy, a malicious program targeting Tibetans

Posted by punzalan at 2020-03-28


November 21, 2016 20:33

Last week Citizen Lab reported on KeyBoy, a malicious program targeting Tibetans. The attacker attempted two targeted phishing email attacks against different targets; in each case the email's embedded attachment was an .RTF document. The first attempt was designed to exploit a 4-year-old vulnerability in Microsoft Word's processing of .RTF documents, which was fixed as early as 2012. The second attempt exploited a newer vulnerability (2015). If exploitation succeeds, the attacker implants the KeyBoy malware, which provides basic backdoor functions. The researchers' analysis of KeyBoy found that its command-and-control (C&C) servers are located in Guangzhou and Hong Kong respectively. KeyBoy was discovered as early as 2013. Researchers analyzed samples of KeyBoy found in different periods and found that its development cycle was mainly focused on avoiding detection by antivirus software.
