Ramnit returns with geofenced and stealthy PowerShell loader sLoad

Ramnit’s new PowerShell loader sLoad performs multiple geofence checks throughout the infection chain making it ‘unusual’, according to security researchers

Author of the report Chris Dawson, project threat intelligence lead at Proofpoint, told SC Media UK that while geofencing is relatively common as far as banking Trojans are concerned, “the pervasiveness of geofencing that occurs throughout the infection chain is a bit more unusual”

Click here to read complete article