Will MBAM protect against NightHunter?

OP should have cited sources below:
Tom's & Yahoo's postings:

Discoverer's & Namer's posting:

It's unclear if the discoverer/namer (Cyphort) is willing to, or has submitted, samples to the Anti-Malware community.
@Agent88: It is always necessary to directly quote your sources for true authenticity.
Thank you for the heads up. :)


Thanx 1PW !!


It is just another name for a new variant of an old ploy.
When Malwarebytes gets samples, they'll create specific signatures.  As the new ploy plays out they may develop a generic heuristic detection.
As with ANY malware, it is a race.  The malicious actors race to develop new undetectable malware and the anti malware vendors race to detect them ASAP.
If Phishing and malicious emails are used in this ploy then the best defense is to recognize a Phishing email and delete it and delete email with attachments from people you do not know and if the email purports to come from someone you do know AND... you are not expecting an attachment, do NOT open the attachment until you vet the email with the sender.  If you can't, delete the email.

Has MB addressed this security vulnerability?

Social Engineering is NOT something that Malwarebytes can address.  Social Engineering is the Human Exploit.  YOU are the one that must address this via education, critical thinking, situational awareness and a good dose of general caution.


NOTE:  I'll presume MB is not Milton Bradley but it is also NOT an acronym for Malwarebytes or the core product Malwarebytes' Anti-Malware which is MBAM.


Every time I tried to include the links, my post disappeared, so I gave up. Since this was in today's news, I thought it would be easy to find.


Multiple forum software packages take some getting used to. Practice makes perfect.


If you believe it could be of critical importance to someone, you can always type it in manually.


Thank you. :)


In the news today (Tom's Guide as reported in Yahoo News) says a massive malware campaign has, for the past 5 years, been collecting personal identity info from many sources.  Has MB addressed this security vulnerability?

It appears NightHunter is aimed at enterprise email accounts.   It also uses a unique method for sending back the culled information.  Evidently it has been around for five years but because of its unique method of returning information to the source has not been discovered until recently.

Link to post
Share on other sites

As far as I can tell, this particular malware uses malicious keyloggers which we do indeed detect. The article also mentions a bit of info about the droppers (the malware/Trojans that actually initiate the attack by getting the first bits of malware onto the system), describing them as archived binaries attached to phishing emails. If it's anything like the email Trojans I've been seeing for years now which are actually EXEs but use icons for PDF documents, Word documents and the likes, then Malwarebytes Anti-Malware is very effective at detecting them as we've been tracking and removing such samples with our heuristics quite well for a very long time now and I seldom come across any such samples that we miss these days even though I quite regularly find such samples lurking as attachments in my spam/junk folders for my various email accounts (I always download and scan them with Malwarebytes Anti-Malware to make sure we detect them, and if we don't, I immediately send the sample(s) off to our Research team so that they can ramp up our heuristics and nail them).
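
Added example (not part of the original post and not Malwarebytes code): a mail-side triage check for the dropper pattern described above, archived binaries attached to email that pose as documents. The extension lists, function names and the sample message are constructed for illustration; the `MZ` test is a cheap first-pass filter, not a full PE parser.

```python
import io
import os
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

DOC_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".rtf"}  # assumed lure types
EXE_EXTS = {".exe", ".scr", ".com", ".pif"}                    # assumed executable types

def classify_member(name, head):
    """Return a reason string if an archive member looks like a disguised executable."""
    is_pe = head[:2] == b"MZ"                  # DOS/PE magic bytes
    stem, ext = os.path.splitext(name.lower())
    inner = os.path.splitext(stem)[1]          # ".pdf" in "invoice.pdf.exe"
    if ext in EXE_EXTS and inner in DOC_EXTS:
        return "double extension"
    if is_pe and ext in DOC_EXTS:
        return "PE content with document extension"
    if is_pe or ext in EXE_EXTS:
        return "executable inside archive"
    return None

def scan_message(raw):
    """Return (attachment, member, reason) tuples for suspicious zip members."""
    findings = []
    for part in message_from_bytes(raw, policy=policy.default).iter_attachments():
        blob = io.BytesIO(part.get_payload(decode=True) or b"")
        if not zipfile.is_zipfile(blob):
            continue
        with zipfile.ZipFile(blob) as zf:
            for info in zf.infolist():
                enc = info.flag_bits & 0x1     # encrypted member: judge by name only
                head = b"" if enc else zf.open(info).read(2)
                reason = classify_member(info.filename, head)
                if reason:
                    findings.append((part.get_filename(), info.filename, reason))
    return findings

def build_sample():
    """Constructed message: a zip with one benign file and two inert 'MZ' stubs."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, body in (("readme.txt", b"hello"), ("Invoice.pdf.exe", b"MZ\x90\x00"),
                           ("Report.doc", b"MZ\x90\x00")):
            zf.writestr(name, body)
    msg = EmailMessage()
    msg.set_content("see attached")
    msg.add_attachment(buf.getvalue(), maintype="application", subtype="zip", filename="docs.zip")
    return msg.as_bytes()
```

Anything this flags is a candidate for quarantine and a proper scan; a clean result says nothing about non-zip archive formats, which this sketch does not open.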
