TrendMicro has released a new report which reveals the methods the CRIGENT malware used to operate.
The malware researchers from Trendmicro explained that the CRIGENT malware used the TOR networks to stay hidden and that it used the Windows Powershell function to install and spread malicious codes.
This is not the first malware which used the TOR networks to operate. The 64-BIT ZeuS/ZBOT also uses the TOR network to operate.
TrendMicro stated the following on the CRIGENT malware:
The fact that the Tor client is easy to set up allowed cybercriminals to carry out complex behaviors without deploying additional configuration files. The hidden services that Tor provides could also attract cybercriminals to abuse it even more in the coming months.
In this era of electronic transactions, nothing screams “crime” like a massive data breach, whether carried out by individual attackers or sophisticated cybercriminal gangs. Read the full TrendMicro report here.