A new malware framework, dubbed Winos4.0, has been identified by FortiGuard Labs as an advanced evolution of the infamous Gh0strat malware.
Winos4.0 is in active use in ongoing campaigns and is hidden in game applications and their associated installation and tuning utilities. When run, the malware gives the attacker full control of and access to the targeted device, with monitoring privileges.
Once a user installs one of these compromised applications, the malware downloads a seemingly harmless BMP file that sets off a chain of attack stages.
The chain ends with the execution of “libcef.dll,” the main malicious file, which drops shellcode and facilitates C2 server connections.
The C2 server then remotely controls the malware, which downloads encoded modules for data theft, clipboard monitoring, and system scans.
The files also indicate that Winos4.0 has a particular interest in the education sector, for instance through file names such as “Student Registration System”.
Winos4.0 establishes persistence on infected devices by creating scheduled tasks and modifying the registry, so that it keeps running. It also hides C2 server information under registry keys, which it uses for communication and remote access to the affected computers.
Users should therefore download programs only from trusted sources, install reputable antivirus software with real-time protection, and watch for changes in the system, such as new tasks in the scheduler and new entries in the registry.
This complex malware framework shows why system monitoring and endpoint protection measures are imperative.
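One way to act on the monitoring advice above, as an added example that is not part of the original article: a PowerShell script that records scheduled tasks and autorun registry values, then reports anything new or changed against a saved baseline. The baseline path and the choice of Run/RunOnce keys are assumptions; the article does not name the tasks or registry keys Winos4.0 uses.

```powershell
# Added example: baseline-and-diff check for scheduled tasks and autorun values.
# Assumptions (not from the article): the baseline path and the Run/RunOnce keys below.
param([string]$BaselinePath = "$env:ProgramData\persistence-baseline.json")

function Get-PersistenceSnapshot {
    $items = @()
    # Record each task's command line so edits to an existing task are caught too.
    foreach ($task in Get-ScheduledTask) {
        $cmd = ($task.Actions | ForEach-Object { "$($_.Execute) $($_.Arguments)".Trim() }) -join '; '
        $items += [pscustomobject]@{
            Kind = 'Task'; Name = "$($task.TaskPath)$($task.TaskName)"; Value = $cmd
        }
    }
    # Common autorun locations; extend with any other keys you need to watch.
    $runKeys = @(
        'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
        'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
        'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
        'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
    )
    foreach ($key in $runKeys) {
        if (-not (Test-Path $key)) { continue }
        $regKey = Get-Item -Path $key
        foreach ($valueName in $regKey.GetValueNames()) {
            $items += [pscustomobject]@{
                Kind = 'Registry'; Name = "$key\$valueName"; Value = [string]$regKey.GetValue($valueName)
            }
        }
    }
    $items
}

$current = @(Get-PersistenceSnapshot)

if (-not (Test-Path $BaselinePath)) {
    # First run: store the known-good state and stop.
    $current | ConvertTo-Json | Set-Content -Path $BaselinePath -Encoding UTF8
    Write-Output "Baseline written to $BaselinePath ($($current.Count) entries)."
    return
}

$baseline = Get-Content -Path $BaselinePath -Raw | ConvertFrom-Json
# '=>' is present now but not in the baseline; '<=' is in the baseline but not present now.
$diff = Compare-Object -ReferenceObject $baseline -DifferenceObject $current -Property Kind, Name, Value
$diff | Where-Object SideIndicator -eq '=>' |
    ForEach-Object { Write-Output "NEW/CHANGED [$($_.Kind)] $($_.Name) -> $($_.Value)" }
$diff | Where-Object SideIndicator -eq '<=' |
    ForEach-Object { Write-Output "REMOVED/OLD [$($_.Kind)] $($_.Name) -> $($_.Value)" }
```

Run it once on a known-good machine to create the baseline, then on a schedule; each reported line is a task or autorun value to review.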
Hafsa Tahir