Hacker News
by philpem 2448 days ago
For bonus points, the C&C server realises the incoming IP has Microsoft's name attached, and only sends back the adverts. For anyone else, it sends a malicious image file as part of the drop, which exploits an intentional security vulnerability in the dropper...

That's actually disturbingly sneaky.