Dyre Spreading Using Code-Signing Certificates, HTTPS
ThreatTrack Security Labs researchers have confirmed the credential-stealing Trojan Dyre is using a new dropper — and a valid digital certificate — to carry out its dirty work over HTTPS connections. The Ruckguv downloader works by injecting a DLL into an instance of Windows Service Host (svchost.exe). Windows Service Host then uses HTTPS to download […]
The post Dyre Spreading Using Code-Signing Certificates, HTTPS appeared first on ThreatTrack Security Labs Blog.