Ramnit’s new PowerShell loader sLoad performs multiple geofence checks throughout the infection chain making it ‘unusual’, according to security researchers
Author of the report Chris Dawson, project threat intelligence lead at Proofpoint, told SC Media UK that while geofencing is relatively common as far as banking Trojans are concerned, “the pervasiveness of geofencing that occurs throughout the infection chain is a bit more unusual”