OceanLotus

By GoldSparrow in Backdoors

Translate To:

The main functionality of a threat named OceanLotus, that was noticed by security analysts lately, is to deliver a payload. OceanLotus pretends to be a genuine scanner file from McAfee and spreads in a bundle that hosts the encrypted associated payloads and files. To bundle its data with other data OceanLotus uses a method called steganography, which is very effective. OceanLotus disguises its payload as normal files and legit applications and their file's names will be highly convincing.

To detect and eliminate security applications installed on the affected machine that can prevent the invasion, OceanLotus will set in motion a security bypass module. Then, an adapted version of the Remy backdoor will be introduced, which will give the controllers of the OceanLotus threat to start dominating the machine so that they can perform their harmful tasks.

There are different campaigns delivering OceanLotus, and its actions will depend on the tactics used by the one that is attacking the machine. The main actions that OceanLotus will perform include the identification of the infected machine, collection of data, changes to the boot menu options and the Windows Registry and much more. To eliminate this pest from an infected machine, you should use a trusted malware scanner, which will identify and remove OceanLotus, as well as other threats installed by it.

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

OceanLotus

Submit Comment

Related Posts

Trojan.MacOS.OceanLotus-H

Trending

'YouPorn' Email Scam

Safe Search Eng

Findtheirreport.com

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen