Full Stack Dev/Cybersecurity Analyst/IT Consultant (20yrs)
1.) Since you're already getting a UAC prompt, this DLL could be installed via an installer that also registers the DLL, correct?
2.) So, since this evades A/V as part of native Windows functionality, I feel like it would be useful to create some kind of hook to notify the user, DC, or IT admin if that registry key is changed or a new listener DLL is registered. (And perhaps a list of any other similar keys that exist offering the same perceived level of exploitation.)
Back in the day (when I wore a black hat), a tool existed by Bernawulf (MPS++) that would embed itself inside an .exe or .scr and be sent through an instant messenger. It would immediately send back usernames, IP and other network info, Windows usernames & passwords, etc. Every time the victim changed their password, it would send an instant message with all the updated system info and creds. Sadly, it seems so much easier now to infiltrate and execute an attack. To all, please be safe.
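One way to build the notification hook suggested in point 2, as an added example that is not part of the original post or the article it replies to: a PowerShell watcher that subscribes to WMI registry-change events for a single key and reports which values were added, removed or changed against a baseline snapshot. The key path is a placeholder (the post does not name the key), and the example assumes Windows PowerShell 5+ with the CIM cmdlets available.

```powershell
# Added example (not from the original post). Watches one registry key and
# reports value-level changes. The key path is a PLACEHOLDER; replace it with
# the key under discussion before use.
param(
    [string]$Hive    = 'HKEY_LOCAL_MACHINE',
    [string]$KeyPath = 'SOFTWARE\PLACEHOLDER_VENDOR\ListenerKey'   # placeholder
)

$psPath = "Registry::$Hive\$KeyPath"

function Get-KeySnapshot([string]$Path) {
    # Capture every value name/data pair in the key as a hashtable.
    $snap = @{}
    if (Test-Path -LiteralPath $Path) {
        $item = Get-Item -LiteralPath $Path
        foreach ($name in $item.GetValueNames()) {
            $snap[$name] = [string]$item.GetValue($name)
        }
    }
    return $snap
}

function Compare-KeySnapshot([hashtable]$Before, [hashtable]$After) {
    # Produce one line per added, changed or removed value.
    $report = @()
    foreach ($k in $After.Keys) {
        if (-not $Before.ContainsKey($k)) { $report += "ADDED   $k = $($After[$k])" }
        elseif ($Before[$k] -ne $After[$k]) { $report += "CHANGED $k : '$($Before[$k])' -> '$($After[$k])'" }
    }
    foreach ($k in $Before.Keys) {
        if (-not $After.ContainsKey($k)) { $report += "REMOVED $k = $($Before[$k])" }
    }
    return $report
}

$baseline = Get-KeySnapshot $psPath

# RegistryKeyChangeEvent lives in root\default; WQL wants doubled backslashes.
$wql = "SELECT * FROM RegistryKeyChangeEvent WHERE Hive='$Hive' AND KeyPath='$($KeyPath.Replace('\','\\'))'"
Register-CimIndicationEvent -Namespace 'root\default' -Query $wql -SourceIdentifier 'ListenerKeyWatch'
Write-Host "Watching $psPath (Ctrl+C to stop)"

while ($true) {
    # Block until the key changes, then diff the new contents against the baseline.
    $ev = Wait-Event -SourceIdentifier 'ListenerKeyWatch'
    Remove-Event -EventIdentifier $ev.EventIdentifier
    $now = Get-KeySnapshot $psPath
    foreach ($line in (Compare-KeySnapshot $baseline $now)) {
        Write-Warning "[$(Get-Date -Format o)] $psPath : $line"   # alert hook goes here
    }
    $baseline = $now
}
```

RegistryKeyChangeEvent fires for the named key only, not its subkeys; to cover a whole subtree use RegistryTreeChangeEvent with RootPath instead of KeyPath.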