From SB
@SBousseaden
"if u see "devtools.selfxss.count" in cmd cmdline then likely it's #backswap banking trojan, also monitor changes to firefox user preferences "prefs.js", this malwr is a combin of smart tricks to inject JS within browsers with no proc code inj "
https://www.welivesecurity.com/2018/05/25/backswap-malware-empty-bank-accounts
No comments:
Post a Comment