Malware Uses Trigonometry to Track Mouse Strokes

Published : 23/11/2024   Category : security




The latest LummaC2 infostealer version includes a novel anti-sandbox trick to avoid detonating when no human mouse movements are detected.



The latest version of the LummaC2 malware-as-a-service includes a new anti-sandbox maneuver — version 4.0 knows trigonometry and can use it to track mouse movements to detect when a human user is active on a compromised computer.
Sandboxing lets cybersecurity defenders run untrusted applications in an isolated environment, where their behavior can be tracked safely away from the rest of the network. By detonating only when a human is active, the LummaC2 infostealer avoids spilling its secrets to threat hunters in a sandbox and runs only on a human-controlled computer, where it can actually gain a foothold in the network.
LummaC2 v4.0 continuously tracks and maps the placement of the machine's cursor at five distinct points, until the cursor positions differ widely enough to show human movement, a new report on the development from Outpost24 explained.
After checking that all five captured cursor positions meet the requirements, LummaC2 v4.0 uses trigonometry to detect human behavior, the report said. If it does not detect this human-like behavior, it will start the process all over again from the beginning.
LummaC2 4.0 is constantly being updated with new features, the report added, including recent improvements to its obfuscation techniques, as well as updates to its control panel.
The incremental upgrades being rolled out by malware developers are a good example of the endless game of chicken being played by cybercriminals and defenders, according to a statement from Andrew Barratt, vice president at Coalfire.
"Sandbox detection is a relatively common malware concept these days," Barratt said. "Sandbox-based analysts will now have to ensure they're emulating mouse activity based on actual patterns or that just follows the tracking requirements."
Although the trigonometry angle is interesting, Amelia Buck, a cybersecurity expert with Menlo Security, agrees the new mathed-up malware won't likely be a huge problem for security teams to protect against.
"The impact will be limited since the current method to counter anti-sandbox measures is likely to be effective against this technique as well," Buck said in a statement. "It's worth noting that the use of trigonometry in this technique adds an interesting element."
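
For sandbox operators acting on Barratt's point, the following is an added example (not code from the article, the Outpost24 report or the malware) that scores a five-sample cursor trace produced by a sandbox's input emulation, flagging stalled samples and abrupt turns between consecutive movements. The 45-degree limit, the function names and the sample traces are assumptions made for illustration; the article gives no threshold.

```python
import math

# Assumed limit for the turn between consecutive movement vectors. The article
# does not state a value, so this default is illustrative and tunable.
MAX_TURN_DEG = 45.0


def turn_angles(points):
    """Angle in degrees between each pair of consecutive movement vectors."""
    vectors = [(x2 - x1, y2 - y1) for (x1, y1), (x2, y2) in zip(points, points[1:])]
    angles = []
    for (ax, ay), (bx, by) in zip(vectors, vectors[1:]):
        dot = ax * bx + ay * by      # proportional to cos(theta)
        cross = ax * by - ay * bx    # proportional to sin(theta)
        angles.append(abs(math.degrees(math.atan2(cross, dot))))
    return angles


def assess_trace(points, max_turn_deg=MAX_TURN_DEG):
    """Return (ok, reason) for a five-sample cursor trace from a sandbox run."""
    if len(points) != 5:
        return False, "need exactly five samples"
    # A repeated position means the emulated cursor stalled between samples.
    if any(a == b for a, b in zip(points, points[1:])):
        return False, "cursor did not move between two consecutive samples"
    worst = max(turn_angles(points))
    if worst > max_turn_deg:
        return False, f"abrupt turn of {worst:.1f} degrees"
    return True, f"smooth trace, largest turn {worst:.1f} degrees"


# Constructed sample traces (not captured data).
TRACES = {
    "idle": [(400, 300)] * 5,
    "teleport": [(10, 10), (900, 40), (15, 700), (880, 690), (20, 20)],
    "curved": [(100, 100), (112, 104), (125, 110), (137, 119), (148, 130)],
}

if __name__ == "__main__":
    for name, trace in TRACES.items():
        print(name, assess_trace(trace))
```
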
