A few words of thanks would be greatly appreciated.

Nodersok, a New Malware That's Undetectable By Most Antivirus Programs

Nodersol is a new malware that goes unnoticed by antivirus programs and has already infected thousands of computers worldwide, mainly in Europe and the United States. The consequences could be significant, so it's best to prepare. We'll fill you in!

It is a virus that uses online advertising to sneak into computers, but without installing them. This is the reason why it is very difficult to detect it, as reported by Microsoft and the cybersecurity company Cisco.

How Noderstok Works and Spreads

The peculiarity of Nodersok (or Divergent, as Cisco has named it) is that, instead of being installed through a malicious file, it uses functions of the PC's own operating system or tools from third parties to sneak into it, while deactivating the antivirus' protective barriers. Tracking is very complicated when using programs considered by the operating system and not being stored on the computer:

How do you do it?

This virus reaches computers through online advertising, using the framework Node.js (a program that runs JavaScript outside of internet browsers) and WinDivert, an open source software that allows packet capture and diversion for versions Windows 2008, 7, 10, and 2016.

Once it infects a computer, the virus starts browsing pages with the aim of generating monetization through fake clicks on online advertising. At the same time, it uses proxy servers to continue spreading to other PCs.

How To Protect Yourself from Nodersok

Nodersok mainly attack personal computers, so we advise you to be alert. Microsoft has recommended to avoid running HTA files (or HTML applications, apps that act with HTML and CSS pages similar to .exe files). Do not save your download history. It is also advisable to keep the antivirus updated at all times to receive updates and patches that limit the vulnerability of our equipment as soon as possible.

Image: © iStock.

A few words of thanks would be greatly appreciated.

Ask a question
CCM is a leading international tech website. Our content is written in collaboration with IT experts, under the direction of Jeff Pillou, founder of CCM.net. CCM reaches more than 50 million unique visitors per month and is available in 11 languages.

Original article published by . Translated by Daniel Telele. Latest update on by Daniel Telele.

This document, titled "Nodersok, a New Malware That's Undetectable By Most Antivirus Programs," is available under the Creative Commons license. Any copy, reuse, or modification of the content should be sufficiently credited to CCM (https://ccm.net/).