Packet filtering trojan
Jarkko writes on the F-Secure "News from the Lab" blog:
Malware writers seem to have picked up a new trick for blocking anti-virus updates. Usually this is done with hosts-file by redirecting hostnames to localhost. Today we were looking at a new trojan called Fantibag that uses packet filtering to achieve the same goal.
This trojan installs a packet filtering policy that blocks access to several anti-virus companies and other mostly security-related sites. More info in the description.
0 Comments:
Post a Comment
<< Home