Nodersol is a new malware that goes unnoticed by antivirus programs and has already infected thousands of computers worldwide, mainly in Europe and the United States. The consequences could be significant, so it's best to prepare. We'll fill you in!
What is Nodersok
Nodersok is a malware without files that attacks Windows computers. It was discovered by the Microsoft Defender ATP Research Team this year, and is very difficult track because it uses Living-off-the-land Binaries (LOLBin). It has already managed several attacks against individuals, governments, and companies, among others. So far, most of the attacks have been focused in Europe and The United States.
How Noderstok works and spreads
stands out because it manipulates functions from the PC's own operating system, or tools from third parties, to sneak in while deactivating the antivirus' firewall.
How does it work?
This virus reaches computers via online advertising using the Node.js
, an open source software that allows packet capture and diversion for versions Windows 2008, 7, 10, and 2016.
Once it infects a computer, the virus starts browsing pages with the aim of generating monetization through fake clicks from online advertising. At the same time, it uses proxy servers to continue spreading to other PCs.
How to protect yourself from Nodersok
Nodersok has attacked many personal computers, so we advise you to be alert. Microsoft has recommended to avoid running HTA files (or HTML applications, apps that act with HTML and CSS pages similar to .exe files). Also, do not save your download history. Most importantly, keep the antivirus updated to receive patches that will keep you safe.
Image: © iStock.
This document, titled « Nodersok, a new malware that's undetectable by most antivirus programs », is available under the Creative Commons
license. Any copy, reuse, or modification of the content should be sufficiently credited to CCM