In order to establish persistence on the system, the installer tampers with the operating system’s registry. It also creates an administrative account that allows remote access.
The post "ESET research: Appearances are deceiving with Turla’s backdoor-laced Flash Player installer" appeared first on WeLiveSecurity.

Article Link: http://feedproxy.google.com/~r/eset/blog/~3/HWfogNvAA64/