Routine log review unearths rootkit, which leads to discovery of memory scraper
In my line of work it’s quite common to be called in to investigate one piece of malware, and end up finding another. In this scenario, I was called in to investigate a piece of malware framed for stealing customer credit card data. While sifting through data, I found the real culprit. A memory scraper chameleon, capable of morphing into different versions to avoid anti-virus detection.
David Ellis (GCIH, QSA, PFI, CISSP) is Director of Forensic Investigations at SecurityMetrics with over 25 years of law enforcement and investigative experience.