A few days ago, an elevation of privilege vulnerability in Windows was exposed, but only two days later, an organization called Powerpool was eyeing this vulnerability, and also produced a Trojan.
Even though the Trojan is made in a} very short period, its attack power remains important. Once the pc is attacked, the attacker will intercept the user’s screen to transfer and transfer files, steal user info and positive identification, and so on. what’s a lot of, this Trojan targets Google Chrome as its attack object. Its damaging action began with “tampering with Google Chrome’s upgrade program”.
This starts with the privilege vulnerability in windows. Originally, the update program in Google Chrome was a program with system privileges that was solely answerable for browser upgrades. However, the Trojan exploited this vulnerability and turned it into a tool to steal the user’s personal info.
When Google Chrome mechanically updates at consecutive time, the hidden Trojan will begin with system privileges, giving strange directions to user’s laptop, like automatic operation, silent observance screen, intercept personal info, transfer and transfer files, and even retrieve Outlook and net browsers to steal user’s account positive identification. The Trojan’s attack target is not limited to ordinary individual users, stealing personal privacy and information. it is also possible to attack corporate servers, stealing important corporate documents, and may even further extort or do other malicious action. Moreover, at present, the Trojan is mainly spread by spam, so if you receive an email with the unknown source, do not click it. According to the previous Power pool attacks, these emails may have been scattered in the US, Germany, Britain, Ukraine, Russia and other countries.
Secnic Consultancy provides the latest techniques to protect our users against zero-day vulnerability
In the face of unknown and fast Trojan attacks, taking the initiative to prevent beforehand is undoubtedly the foremost necessary task in protective network security. Secnic consultancy utilizes new technologies like computing, big data, cloud computing, IoT intelligent sensing, and blockchain to shield the country, national defense, vital infrastructure, society, and cities. Among them, its situational awareness system will capture international malicious attacks or network anomalies in real time.
In fact, typically the user is attacked is because of he/she lacks security awareness instead of the hacker moves too quick or the Trojan is just too powerful. Trojans cannot be mutely found within the pc, therefore we recommend network security assessment to intercept Trojans and alternative malware timely.