KRAKEN FILE LESS MALWARE ATTACK
10/15/2020
Kraken Attack operators injects malicious payload into legitimate Microsoft Windows Error Reporting (WER) Service to evade detection.
OVERVIEW
-
New fileless malware Attack technique called Kraken is abusing legitimate Windows Error reporting (WER) service by injecting malicious payload into it.
-
The Windows Error reporting service werfault.exe allows Microsoft to track and address errors relating to the operating system, Windows features, and applications. Unknown hackers are exploiting WER to evade detection.