New Loki Variant Being Spread via PDF File

May 17, 2017

The Loki Bot has been observed for years. As you may know, it is designed to steal credentials from installed software on a victim’s machine, such as email clients, browsers, FTP clients, file management clients, and so on. FortiGuard Labs recently captured a PDF sample that is used to spread a new Loki variant. In this blog, we will analyze how this new variant works and what it steals. The PDF sample Figure 1. Content of the PDF sample The PDF sample only contains one page, shown above, which includes some...

Read more...

Previous Article
Spring Parade for Refreshed Android Marcher
Spring Parade for Refreshed Android Marcher

Android malware continues to grow exponentially now that it has overtaken the top position as the most popu...

Next Article
The Cybersecurity Threats Presented by Financial Services Remote Employees
The Cybersecurity Threats Presented by Financial Services Remote Employees

Security and IT professionals at large enterprises across all industries are faced with the daily task of h...