Thursday, August 01, 2019

Tip from SB ‏@SBousseaden

From SB
‏@SBousseaden

"if u see "devtools.selfxss.count" in cmd cmdline then likely it's #backswap banking trojan, also monitor changes to firefox user preferences "prefs.js", this malwr is a combin of smart tricks to inject JS within browsers with no proc code inj "
https://www.welivesecurity.com/2018/05/25/backswap-malware-empty-bank-accounts

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)