News Snapshot:
Researchers have identified a rootkit with a valid digital signature from Microsoft being distributed within gaming environments in China. The rootkit, called FiveSys, is being used to redirect traffic to an attacker-controlled custom proxy server and is likely operated by a threat actor with significant interest in China’s gaming market, Bitdefender researchers say in a new report. The rootkit has been targeting users for more than a year; the primary motivation for its use appears to be credential theft and in-app purchase hijacking, the security vendor says. FiveSys is the second Microsoft-signed malware that security researchers have publicly reported in...
