A group of security researchers from Palo Alto Networks have published a report on several unique malware samples, which they have named “Magnet”.
The first sample is a passive Internet Information Services (IIS) backdoor developed in C++/CLI, a programming language very rarely used by malware authors, indicating that this backdoor was specially developed.
The second sample is a bootkit that uses an unsecured kernel driver to install a GRUB 2 bootloader for a rather unusual purpose.
The third sample is a Windows implant of a cross-platform post-exploitation framework, which, despite its advanced capabilities, has poor error messages that provide very little information about what went wrong, indicating a lack of testing.
This report highlights three samples of rare and interesting malware.