The Kovter malware sample that has infected systems around the world for the past couple of years is proving to be a case study in how threat actors constantly tweak their malware to keep one step ahead of the defenders. Trojan Kovter surfaced about two years ago as a screenlocker and scareware sample masquerading as a law enforcement tool. Since then it has been used in click-fraud and malvertising campaigns, as data-encrypting ransomware, and a malware installation tool.
View original story
Original source: Dark Reading