The most worrying thing with the new malware is that never comes alone. SystemBC tracking shows that one computer is also infected with a second threat.
Essentially, SystemBC can be used in addition to another malicious software. Attackers can integrate the proxy server offered by SystemBC and affect their target computers along with their underlying malware.
The main role of SystemBC is creating a SOCKS5 proxy server, through which other malware can bypass firewalls and online content filters. It can still connect to the command-and-control server without revealing its real IP address.
SystemBC is sold to other malware creators
SystemBC was first detected in May. However, the researchers of Proofpoint discovered one advertising in a hacking forum about anonymous malware, which appears to be SystemBC and has been around since April.
Initially malware had been detected in only a few campaigns. However, researchers have observed that for the last two months malware is shared through exploit kits like RIG and Fallout.
Exploit kits are web systems that exploit browser vulnerabilities to install malware on computers or to redirect users to webpages.
As SystemBC covers malicious network flow generated by other malicious programs, it is becoming increasingly popular among hackers.
The key point here is that if SystemBC is detected, there will surely be a second malware on your computer. Therefore, removing SystemBC will not solve your problems.
How useful was this post?
Average rating / 5. Vote count: