Cybersecurity researchers have revealed details about a new malware family that uses the Common Log File System (CLFS) to conceal a second-stage payload in registry transaction files in order to avoid detection.
The malware, named PRIVATELOG, and its installer, STASHLOG, were discovered by FireEye’s Mandiant Advanced Practices team. Details about the threat actor’s identity and motivations are still unknown.
The malware has not yet been found in real-world attacks aimed at consumer environments, nor has it been seen launching any second-stage payloads. Mandiant believes PRIVATELOG is still in development, might be the product of a researcher, or could be used in a highly focused attack.