Advertisement
Top

Nymaim Trojan Fingerprints MAC Addresses to Bypass Virtualization

December 16, 2016

Via: Security Week
Category:

The Nymaim Trojan is now fingerprinting MAC addresses to see if it is running in a virtualized environment, SophosLabs security researchers warn.

The Trojan, often used to download additional malware onto compromised machines and recently associated with several ransomware campaigns, is comparing the targeted machine’s MAC address against a hardcoded list, which allows it to avoid virtual environments and thwart analysis tools.

Read More on Security Week

RELATED PUBLICATIONS

The power of passive OS fingerprinting for accurate IoT device identification
What Is OS Fingerprinting and How to Prevent This Threat
Portnox introduces IoT fingerprinting and profiling solution to address rising IoT security threats

Latest Publications

Network specialist debuts free tool that promises to solve VPN and ZTNA connectivity issues for good
Notorious Finnish Hacker sentenced to more than six years in prison
Passwords under seven characters can be easily cracked
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!