A Fileless Trojan “Astaroth” That Steals Credentials

Microsoft reported in a recent blog post that Microsoft Defender found a trojan named ‘Astaroth’. This trojan can steal user data, credentials and many other things.

The research team noticed a huge spike in use of the WMIC (Windows Management Instrumentation Command-line) tool during May and June 2019. They had deployed an algorithm designed to catch a specific form of fileless attack.

History of this trojan

According to ZDNet, “Astaroth” was last seen in 2018 and then earlier this year, when it targeted users in Brazil and Europe.

The problem with this trojan

Astaroth is a fileless trojan, which means all of its operations happen in system memory instead of on the hard drive. This makes it harder for antivirus and other security tools to detect it and act on it.
