A highly obfuscated malicious backdoor that has been infecting organizations worldwide since 2013 was recently observed abusing the Windows Troubleshooting Platform (WTP) feature for distribution, Proofpoint researchers warn.
Dubbed “LatentBot”, the threat was discovered late last year and is a modular bot. The malware allows attackers to perform surveillance, steal information, and gain remote access operations. What’s more, the malware remained largely undetected for roughly two years before FireEye caught a glimpse of it. Last year, the malware successfully compromised companies in the U.S., U.K., South Korea, Brazil, United Arab Emirates, Singapore, Canada, Peru and Poland.
Leave a reply