How can cybercriminals use trigonometry to attack organisations?
CyberWhite Ltd
Join the CyberWhite Information Share LinkedIn group: https://www.dhirubhai.net/groups/8555211/
LummaC2 is a malware-as-a-service typically deployed to perform information theft on its victims. Version 4.0, the latest release, includes an anti-sandbox manoeuvre that tracks mouse movements to detect a human.
Five distinct points are taken from the cursor. Trigonometry will calculate whether the cursor positioning differs widely enough. If so, the user is determined to be human.
Otherwise, the malware will delay detonation and avoid detection.
Sandboxing is a common practice utilised by cybersecurity specialists. Isolated environments allow for testing of untrusted files, where malware cannot harm the system or network.
Sandboxing is usually automated; however, malware like LummaC2 now has measures to avoid these standard defence practices.
Fortunately, emulating mouse activity is a relatively straightforward procedure, but this sheds light on the endless game of ‘cat and mouse’ between cyber criminals and security specialists.
Cyber Security | Pen Testing | ISO 27001 | Cyber Essentials | Security Technologies | Speaker | STEM Ambassador | Mentor and Non Exec.
1 年Very informative - I thought I’d left trigonometry behind when I left school all those years ago - seems not! ??