First-Ever Ransomware Found Using ‘Process Doppelgänging’ Attack to Evade Detection

First-Ever Ransomware Found Using ‘Process Doppelgänging’ Attack to Evade Detection

On

Security researchers have spotted the first-ever ransomware exploiting Process Doppelgänging, a new fileless code injection technique that could help malware evade detection. The Process Doppelgänging attack takes advantage of a built-in Windows function, i.e., NTFS Transactions, and an outdated implementation of Windows process loader, and…