SystemBC is a new piece of malware being advertised on the dark web. It installs SOCKS5 proxies on infected systems, through which other malware is then sent.
According to sources, the malware has been advertised since April and made its first appearance in May.
Per sources, it is being distributed as part of the Fallout and RIG exploit kits, which are web-oriented systems that use browser-based vulnerabilities to install malware.
To mislead users into installing the malware, the above-mentioned exploit kits also serve malicious web pages.
Formerly an unauthenticated malware, SystemBC is mainly an on-demand proxy component for malware operators.
It can be deployed on compromised systems to hide malicious traffic and other malicious activity on the system.
According to researchers, the malware’s main purpose is to set up a SOCKS5 proxy server so that other malware can be pushed through it to “bypass the local firewalls” and “internet content filters”.
Researchers strongly advise users to patch their systems and not to use older systems whose plugins are vulnerable to attack, as this malware is difficult to detect.