Author Topic: nice story - Sneaky rat - hackers mine using your pc  (Read 456 times)

Offline paradis_pal

  • Comodo Family Member
  • ***
  • Posts: 66
nice story - Sneaky rat - hackers mine using your pc
« on: January 30, 2019, 05:08:37 AM »
This is a nice story, Comodo you are up to it:

A service under the name "Windows Cache Services", in the description it says: "Helps the computer run more efficiently by optimizing Cache services.". C:\Windows\INF\usbhub\0031\wcservices.exe

The files are in the hidden folder C:\Windows\INF\usbhub\0031

the first file is: C:\Windows\INF\usbhub\0031\wcservices.exe virustotoal

the second file is C:\Windows\INF\usbhub\0031\boot\config.exe virustotal

Will use the "Background Intelligent Transfer Service" to download this zip file with the extension tmp and random names (3 times)  to the location C:\Windows\servicing and then rename it to and then extract it to the same location C:\Windows\servicing.

The zip file contains lots of viruses that use your PC to mine cions for hackers

it will run OneDrive.exe and MsMpEngs.exe

The main problem is that Antivirus does not scan the hidden location C:\Windows\INF\usbhub\0031

And Comodo please add these files
« Last Edit: January 30, 2019, 10:38:55 AM by paradis_pal »

Offline abinaya

  • Comodo Staff
  • Newbie
  • *****
  • Posts: 24
Re: nice story - Sneaky rat - hackers mine using your pc
« Reply #1 on: January 30, 2019, 08:47:32 AM »
Hi paradis_pal,

Thank you for your submission.
We'll investigate and add detection for the malware.

Best regards
Abinaya R


Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek