"US Aerospace Contractor Hacked With 'PowerDrop' Backdoor"

Hackers using native Windows tools infected at least one US defense contractor with a novel backdoor, potentially paving the way for further malware implantation or worse. In a June 6 report, Adlumin researchers dubbed the backdoor "PowerDrop," after a "DRP" string used in the code and because it is based on PowerShell, which is both a command shell and a scripting language. PowerDrop has full access to the computer because it is run through Windows PowerShell, says Kevin O'Connor, Adlumin's director of threat research. It operates with administrative privileges, allowing attackers to execute any remote command they want. This article continues to discuss hackers using native Windows tools to infect at least one US defense contractor with a novel backdoor.

Dark Reading reports "US Aerospace Contractor Hacked With 'PowerDrop' Backdoor"

Submitted by Anonymous on