AZORult hides as a Google Updater program and replaces the legitimate Google Updater program on compromised systems. Because the malware replaces the legitimate Google Updater program, it can achieve persistence without having to alter the Windows registry or add any scheduled tasks of its own.

Researchers recently observed the AZORult information stealer malware disguised as a Google Updater program and achieving persistence by replacing the legitimate Google Updater program on the compromised systems. Researchers from Minerva Labs, Asaf Aprozper and Gal Bitensky, detected the malware after they received a GoogleUpdate.exe binary signed with a valid certificate, which was blocked by their security tool.

Fake Google Update binary

The researchers noted that the Google Updater program appeared to be legitimate, having the right icon and being signed with a non-revoked certificate. However, upon closer inspection, the researchers found that the binary was actually signed
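
A defender-side check for the situation described above, where a valid, non-revoked signature was not enough to tell the binary apart from the real updater. This PowerShell script is an added example, not code from the article or from Minerva Labs; the search roots and the expected publisher name `Google LLC` are assumptions to replace with your own known-good baseline.

```powershell
# Added example: audit every file named like Google's updater and compare the
# Authenticode signer against the publisher you expect.
# Assumptions (not from the article): the search roots and the expected
# publisher string; set both from your environment's known-good baseline.
param(
    [string[]]$SearchRoot = @($env:ProgramFiles, ${env:ProgramFiles(x86)}, $env:LOCALAPPDATA),
    [string]$ExpectedPublisher = 'Google LLC',
    [string]$FileName = 'GoogleUpdate.exe'
)

$roots = $SearchRoot | Where-Object { $_ -and (Test-Path -LiteralPath $_) }

$findings = foreach ($root in $roots) {
    Get-ChildItem -LiteralPath $root -Filter $FileName -Recurse -File -ErrorAction SilentlyContinue |
        ForEach-Object {
            $sig  = Get-AuthenticodeSignature -LiteralPath $_.FullName
            $cert = $sig.SignerCertificate

            # Simple name of the signing certificate's subject (normally the CN).
            $signer = if ($cert) { $cert.GetNameInfo('SimpleName', $false) } else { $null }

            # "Valid" only means the chain verifies and is not revoked. It says
            # nothing about whether the expected vendor signed the file.
            $verdict =
                if ($sig.Status -ne 'Valid')            { 'UnsignedOrInvalid' }
                elseif ($signer -ne $ExpectedPublisher) { 'ValidButUnexpectedSigner' }
                else                                    { 'OK' }

            [pscustomobject]@{
                Path       = $_.FullName
                Verdict    = $verdict
                Status     = $sig.Status
                Signer     = $signer
                Thumbprint = if ($cert) { $cert.Thumbprint } else { $null }
                SHA256     = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash
                LastWrite  = $_.LastWriteTimeUtc
            }
        }
}

# Show anything that is not signed by the expected publisher first.
$findings | Sort-Object { $_.Verdict -eq 'OK' }, Path | Format-Table -AutoSize -Wrap
```

Because the replaced updater is launched by the updater's existing autostart entries, a `ValidButUnexpectedSigner` result on this path deserves the same triage as a new persistence entry would.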