Monday, June 27, 2022

Malicious Telegram Installer Drops Purple Fox Rootkit

We have often observed threat actors using legitimate software for dropping malicious files. This time however is different. This threat actor was able to leave most parts of the attack under the radar by separating the attack into several small files, most of which had very low detection rates by AV engines, with the final stage leading to Purple Fox rootkit infection.

Thanks to the MalwareHunterTeam, we were able to dig deeper into the malicious Telegram Installer. This installer is a compile…

Read More

Latest news
Related news