Malware embedded into audio driver is silently recording from system mic (twitter.com)
32 points by CGMthrowaway 2 hours ago | 9 comments
jml7c5 37 minutes ago
According to the vx-underground Twitter account, this is just Regin (which was first described in 2014): https://x.com/vxunderground/status/1995309917805179141
bri3d an hour ago
I’m not sure this isn’t just some garden-variety RAT that was named “audiod.exe”? The author seems kind of confused; there’s nothing driver related I can see here. They claim the malware was “injected” into a legitimate process, but the Microsoft audio graph process is “audiodg.exe”.
treetalker 2 hours ago
https://xcancel.com/Officialwhyte22/status/19950249999340016...
jacquesm an hour ago
That's an OVH Singapore IP, did they flag this to OVH? That server should be taken offline and the contents preserved for forensics.
efilife 33 minutes ago
I quickly skimmed through Twitter and YouTube profiles and it's apparent that this guy has no idea of what he's talking about.
fishgoesblub an hour ago
"compressed .wav files" Interesting that the malware author isn't using actual compressed audio (no idea why the Twitter poster seems to think wave files are compressed). I would assume that you'd want to transmit as little data as possible to evade detection.