Security News > 2017 > April > Script for remote DoublePulsar backdoor removal available (Help Net Security)

NSA’s DoublePulsar backdoor can now be remotely uninstalled from any infected Windows machine, thanks to the updated detection script provided by security firm Countercept. “The SMB version [of the script] also supports the remote uninstall of the implant for remediation, which was helped by knowledge of the opcode mechanism reversed by @zerosum0x0,” the company explained. It’s good to note, though, that using it to “clean” machines you don’t own is not advised, as it’s technically … More →

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/NlYavw7oXCU/