The Hacker News Logo
Subscribe to Newsletter

The Hacker News - Cybersecurity News and Analysis: AtomBombing attack

Dridex Banking Trojan Gains 'AtomBombing' Code Injection Ability to Evade Detection

Dridex Banking Trojan Gains ‘AtomBombing’ Code Injection Ability to Evade Detection
March 01, 2017Swati Khandelwal
Security researchers have discovered a new variant of Dridex – one of the most nefarious banking Trojans actively targeting financial sector – with a new, sophisticated code injection technique and evasive capabilities called " AtomBombing ." On Tuesday, Magal Baz, security researcher at Trusteer IBM  disclosed new research, exposing the new Dridex version 4, which is the latest version of the infamous financial Trojan and its new capabilities. Dridex is one of the most well-known Trojans that exhibits the typical behavior of monitoring a victim's traffic to bank sites by infiltrating victim PCs using macros embedded in Microsoft documents or via web injection attacks and then stealing online banking credentials and financial data. However, by including AtomBombing capabilities, Dridex becomes the first ever malware sample to utilize such sophisticated code injection technique to evade detection. What is "AtomBombing" Technique? Code injection te

This Code Injection Technique can Potentially Attack All Versions of Windows

This Code Injection Technique can Potentially Attack All Versions of Windows
October 28, 2016Swati Khandelwal
Guess what? If you own a Windows PC, which is fully-patched, attackers can still hack your computer. Isn't that scary? Well, definitely for most of you. Security researchers have discovered a new technique that could allow attackers to inject malicious code on every version of Microsoft's Windows operating system, even Windows 10, in a manner that no existing anti-malware tools can detect, threaten millions of PCs worldwide. Dubbed " AtomBombing ," the technique does not exploit any vulnerability but abuses a designing weakness in Windows. New Code Injection Attack helps Malware Bypass Security Measures AtomBombing attack abuses the system-level Atom Tables, a feature of Windows that allows applications to store information on strings, objects, and other types of data to access on a regular basis. And since Atom are shared tables, all sorts of applications can access or modify data inside those tables. You can read a more detailed explanation of Atom T
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.