Microsoft posted in a recent blog post that the Microsoft Defender found a trojan named ‘Astaroth’. This trojan can steal user data credentials and many more things.
The research team noticed a huge spike in the WMIC (Windows Management Instrumentation Command-Line) tool during the month of May and June 2019. They had deployed an algorithm designed to catch a specific form of file-less attack.
History of this trojan
“Astaroth” was last seen at 2018 and then earlier this year when it targeted users in Brazil and Europe. As per ZDNet.
The problem of this trojan
Astaroth is a file less trojan which means all of its operations happen in the system memory instead of the hard drive. This makes it harder for antivirus and other security tools to detect it and take some action.