Hackers hiding malware in Windows Event Logs


In what seems to be a world first, hackers have used a custom malware dropper to plant fileless malware in Windows event logs for the Key Management Services (KMS).

Cybersecurity researchers from Kaspersky first spotted the new technique after being tipped off by a customer with an infected endpoint. The entire campaign, the researchers are saying, is “very targeted”, and deploys a large set of tools, some of which are custom-built, and some of which are commercial.

Source link