Blog | G5 Cyber Security

ZeuS GameOver, Brazilian Trojans and Boletos: an explosive combination

Boleto malware campaigns combine several new tricks to infect and steal from more users. One of the most recent is the use of non-executable and encrypted malware payloads XORed with a 32-bit key and compressed by ZLIB. A similar technique was used by ZeuS GameOver some months ago, but this time the files are using extensions such as.BCK and.JMP, instead ofENC. The criminals tend to encrypt the big payload files using this technique, as well as some removal tools.”]

Source: https://securelist.com/zeus-gameover-brazilian-trojans-and-boletos-an-explosive-combination/65797/

Exit mobile version