NDIS layer backdoor discovered by Microsoft

A new malware that allows attackers to gain unauthorized access to and control of computers installs itself as a driver at the NDIS (Network Driver Interface Specification) level. The VirTool:WinNT/Exforel malware allows an attacker to perform a number of different actions on your computer, such as uploading, downloading and running files, and to perform TCP/IP traffic routing functions. Although the malware may not be noticeable to normal user-mode applications, the presence of a file named ndisxapi.sys indicates an infection!

Read more here – https://blogs.technet.com/b/mmpc/archive/2012/12/09/the-quot-hidden-quot-backdoor-virtool-winnt-exforel-a.aspx?Redirected=true
