New Delhi, Oct 3 : Hackers too leave their fingerprints as they attack enterprises and individuals and cyber security researchers have now developed a new technique to “fingerprint” them, spotting two prolific Russian-origin sellers of Windows exploits.
The team from cyber security firm Check Point, when analysing a complicated attack against one of their customers, noticed a very small 64-bit executable that was executed by the malware.
The sample contained unusual debug strings that pointed at an attempt to exploit a vulnerability on the victim machine.
Even more importantly, the sample had a leftover programme database (PDB) path.
“With the absence of any online resource with this implementation of CVE-2019-0859, we realised that we are not looking at a publicly available PoC, but rather a real-world exploitation tool. This intrigued us to dig deeper,” the researchers said in a blog post on Friday.
Generally, researchers tend to look at the people behind a specific malware family as one unbroken unit.
Related stories
Subscribe
- Never miss a story with notifications
- Gain full access to our premium content
- Browse free from up to 5 devices at once
Latest stories