PROPagate Code Injection Seen in the Wild
Last year, researchers wrote about a new Windows code injection technique called PROPagate. Last week, it was first seen in malware:
This technique abuses the SetWindowsSubclass function — a process used to install or update subclass windows running on the system — and can be used to modify the properties of windows running in the same session. This can be used to inject code and drop files while also hiding the fact it has happened, making it a useful, stealthy attack.
It’s likely that the attackers have observed publically available posts on PROPagate in order to recreate the technique for their own malicious ends.
Posted on July 9, 2018 at 6:13 AM
No tags for this post.
more link ADS
Blockchain, bitcoin, ethereum, blockchain technology, cryptocurrencies
Information Security, latest Hacking News, Cyber Security, Network Sec
Information Security, latest Hacking News, Cyber Security, Network Security
Blog! Development Software and Application Mobile
Development apps, Android, Ios anh Tranning IT, data center, hacking
Car News, Reviews, Pricing for New & Used Cars, car reviews and news, concept cars