Trojanized installers of the Telegram messaging application are being used to distribute the Windows-based Purple Fox backdoor on compromised systems.
That’s according to new research published by Minerva Labs, describing the attack as different from intrusions that typically take advantage of legitimate software for dropping malicious payloads.
“The rootkit capabilities of Purple Fox make it more capable of carrying out its objectives in a stealthier manner,” the researchers noted. “They allow Purple Fox to persist on affected systems as well as deliver further payloads to affected systems.”
Source: THN