The topics seem interesting but I'm having a lot of trouble parsing the contents of the article.
> The malware launches a PowerShell command, which then inserts malicious code into the Firefox browser. The attack is designed to infect movie torrent files and is also meant to infect Windows computers in particular. The point of the attack is to phish for any Bitcoin or Ethereum addresses that the user might have. It’s an advanced virus as it then actually aims to replace these victims' addresses with the hacker’s wallet.
Not sure where torrents come into this at all, for example:
Download a movie --> Magic Happens --> Powershell --> Firefox compromised! --> We infected your torrents! --> Ah, found your crypto. --> Your address is now replaced with my wallet!! Ha ha!
Based on the tweets, step two is that the "movie" is actually a shortcut file. The shortcut runs PowerShell with a short obfuscated command that downloads the malware payload. Then it does a variety of normal malware stuff.
John McAfee left only a few years into the company, and then McAfee AV slowly morphed into one of the most bloated applications in the business, riddled with spyware. They were one of the first to begin selling customer data. Like Norton, AVG, Avast and others are now doing as well.
Thank you for the reply. I've only recently started becoming interested in cyber security, I participated in my first CTF late last year. I'm still very uninformed about the wider cyber security culture.
After reading the other sources, it appears that this exploits the way Windows executes things without warning the user. You download a video file, you click on it, and Windows unexpectedly executes some hostile code. What the payload does after that isn't really all that interesting, it could be made to do anything.
https://twitter.com/0xffff0800/status/1083585136833179648
There are a few screenshots in the tweet and the following ones to show how it works.
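The disguised shortcut described in the comments above, from the defender's side: an added example, not code from the thread or the linked tweets, that parses the StringData fields of a Shell Link (.lnk) file and flags a shortcut named like a video whose target or arguments invoke a script host. The extension and host lists, the function names and the sample bytes are assumptions constructed for illustration; targets stored only in the ID list or LinkInfo block are skipped, not decoded.

```python
import struct

# Constants from the Shell Link (.lnk) binary format, MS-SHLLINK.
LNK_CLSID = bytes.fromhex("0114020000000000c000000000000046")
HAS_IDLIST, HAS_LINKINFO, IS_UNICODE = 0x01, 0x02, 0x80
STRING_FLAGS = ((0x04, "name"), (0x08, "relative_path"), (0x10, "working_dir"),
                (0x20, "arguments"), (0x40, "icon"))
MEDIA_EXT = (".mkv", ".mp4", ".avi", ".mov", ".wmv")               # assumed list
SCRIPT_HOSTS = ("powershell", "pwsh", "cmd.exe", "mshta", "wscript", "cscript")

def parse_lnk(data):
    """Return the StringData fields of a shortcut, or None if not a valid .lnk."""
    if len(data) < 76 or data[:4] != b"\x4c\x00\x00\x00" or data[4:20] != LNK_CLSID:
        return None
    try:
        flags = struct.unpack_from("<I", data, 20)[0]
        pos = 76                                   # fixed header size
        if flags & HAS_IDLIST:                     # 2-byte size, excludes itself
            pos += 2 + struct.unpack_from("<H", data, pos)[0]
        if flags & HAS_LINKINFO:                   # 4-byte size, includes itself
            pos += struct.unpack_from("<I", data, pos)[0]
        fields = {}
        for bit, name in STRING_FLAGS:             # stored in this order
            if flags & bit:
                count = struct.unpack_from("<H", data, pos)[0]   # characters
                size = count * 2 if flags & IS_UNICODE else count
                raw = data[pos + 2:pos + 2 + size]
                codec = "utf-16-le" if flags & IS_UNICODE else "cp1252"
                fields[name] = raw.decode(codec, "replace")
                pos += 2 + size
        return fields
    except struct.error:                           # truncated or malformed file
        return None

def is_disguised_shortcut(filename, data):
    """True for a video-named shortcut (Explorer hides ".lnk") that runs a script host."""
    fields = parse_lnk(data)
    name = filename.lower()
    if fields is None or not name.endswith(".lnk"):
        return False
    looks_like_media = name[:-4].endswith(MEDIA_EXT)
    command = (fields.get("relative_path", "") + " " + fields.get("arguments", "")).lower()
    return looks_like_media and any(host in command for host in SCRIPT_HOSTS)

def build_sample(target, args):
    """Constructed input: bare header plus Unicode relative path and arguments."""
    header = b"\x4c\x00\x00\x00" + LNK_CLSID + struct.pack("<I", 0x08 | 0x20 | IS_UNICODE)
    strings = b"".join(struct.pack("<H", len(s)) + s.encode("utf-16-le") for s in (target, args))
    return header.ljust(76, b"\x00") + strings
```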
Alright, I'm just gonna stop reading right there. Literally pick any cybersecurity company to quote other than McAfee.
So, it's true. They are very well known.
I'm sure McAfee employs a few smart people but the management is radioactive. They simply do not have a cutting-edge security culture and people are their products, not their customers. Like Norton, they employ scare tactics and Dark UI in order to coerce customers into keeping the software installed. They try to worm their way into default installations so that they can exploit a computer for its entire lifetime.
Kaspersky recently released a security bulletin on crypto mining and theft, they may be Russian but they are a crack security team and I would trust them over any of the other companies I've mentioned.
https://securelist.com/kaspersky-security-bulletin-2018-stor...