Cyber security experts have now founded a new malware attack linked to the notorious group DarkHydrus APT that uses Google Drive as its command-and-control server. They uses a backdoor Trojan, called RogueRobin, which infects victims computers by making them to open a Microsoft Excel document containing embedded VBA macros. Enabling the macro will drops a malicious text (.txt) file in the temporary directory and then it runs and then install the RogueRobin backdoor which is written in famous and most usable C# programming language and it will starts work in victims system.
It also contain antivirus debug code which make it very difficult to prevent or stops once it gets installed on computers. RogueRobin also uses DNS tunneling methoud—which means a technique of sending or retrieving data and commands through DNS query packets—to communicate with its command-and-control server. This is not the first time that this backdoor is troubling the users. The most important thing to be do to protect from this backdoor is that don't click any unknowing document or spam emails.Only open the verified sources