Kraken botnet: how it cheats Windows Defender

Microsoft recently updated Windows Defender so that excluded folders and files can no longer be viewed without administrator privileges.

This is a significant change, because attackers often use this information to hide malware in folders that Windows Defender does not check.

However, this cannot stop a new botnet called Kraken, which was recently discovered by ZeroFox. Kraken adds itself as an exclusion instead of trying to find out which folders have already been excluded. It is a relatively simple and effective way to bypass the Windows Defender scan.

ZeroFox reports:

During the Kraken installation phase, it tries to move to %AppData%\Microsoft.

To stay hidden, Kraken runs the following commands:

powershell -Command Add-MpPreference -ExclusionPath %APPDATA%\Microsoft
attrib +S +H %APPDATA%\Microsoft\

ZeroFox reports that Kraken is information-stealing malware that targets cryptocurrency wallets.

ZeroFox reports:

It can steal various cryptocurrency wallets from the following sites:

%AppData%\Zcash
%AppData%\Armory
%AppData%\bytecoin
%AppData%\Electrum\wallets
%AppData%\Ethereum\keystore
%AppData%\Exodus\exodus.wallet
%AppData%\Guarda\Local Storage\leveldb
%AppData%\atomic\Local Storage\leveldb
%AppData%\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb

You can find more information about how Kraken works on the company's blog.
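
The two commands quoted above leave a recognisable trace in process-creation logs: a Defender path exclusion in a user-writable folder, followed by attrib +S +H on something inside that folder. The detection sketch below is an added example, not code from ZeroFox or from the original article; the log records, host names and the file name example.exe are constructed, and the severity labels are this example's own assumption.

```python
import re

# Constructed process-creation records (host, command line); not real telemetry.
# "example.exe" is a placeholder: the page's attrib target is cut off after "Microsoft\".
SAMPLE_EVENTS = [
    ("ws01", r"powershell -Command Add-MpPreference -ExclusionPath %APPDATA%\Microsoft"),
    ("ws01", r"attrib +S +H %APPDATA%\Microsoft\example.exe"),
    ("ws02", r'powershell.exe set-mppreference -exclusionpath "C:\Users\dana\AppData\Roaming\Tools"'),
    ("build01", r"powershell Add-MpPreference -ExclusionPath D:\BuildCache"),
    ("ws03", r"attrib +H C:\Temp\notes.txt"),
]

EXCLUSION = re.compile(
    r"""\b(?:Add|Set)-MpPreference\b.*?-ExclusionPath\s+(?:"([^"]+)"|'([^']+)'|(\S+))""", re.I)
ATTRIB = re.compile(r"\battrib(?:\.exe)?\s+((?:[+-][A-Za-z]\s+)+)(.+)$", re.I)
USER_PROFILE = re.compile(r"^[a-z]:\\users\\[^\\]+\\appdata\\roaming", re.I)
USER_WRITABLE = ("%appdata%", "%localappdata%", "%temp%")


def normalize(path):
    """Lower-case, unquote, drop a trailing backslash, fold expanded roaming paths."""
    path = path.strip().strip("\"'").rstrip("\\").lower()
    return USER_PROFILE.sub("%appdata%", path)


def is_under(child, parent):
    return child == parent or child.startswith(parent + "\\")


def find_exclusion_abuse(events):
    """Return (host, excluded_path, severity) for each Defender path exclusion seen."""
    findings = []
    for i, (host, cmd) in enumerate(events):
        m = EXCLUSION.search(cmd)
        if not m:
            continue
        excluded = normalize(next(g for g in m.groups() if g))
        # "low" still deserves review: any exclusion narrows what Defender scans.
        severity = "medium" if excluded.startswith(USER_WRITABLE) else "low"
        for later_host, later_cmd in events[i + 1:]:
            a = ATTRIB.search(later_cmd) if later_host == host else None
            if a and {"+s", "+h"} <= set(a.group(1).lower().split()) \
                    and is_under(normalize(a.group(2)), excluded):
                severity = "high"  # excluded from scanning, then hidden: the Kraken pattern
        findings.append((host, excluded, severity))
    return findings


if __name__ == "__main__":
    print(*find_exclusion_abuse(SAMPLE_EVENTS), sep="\n")
```

The matcher only sees the command-line text, so it complements rather than replaces a periodic review of the exclusion list itself.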
