explo1t Posted September 25, 2017 Report Share Posted September 25, 2017 Nice writeup on Retefe Banking Trojan which is being spread through Word Documents to Swiss users. The article also describes in detail how Retefe Banking Trojan deploys TOR and Socat on the machine to setup a SOCKS proxy as a backdoor. http://www.pwncode.club/2017/09/deep-dive-into-retefe-banking-trojan.html 2 Quote Link to comment Share on other sites More sharing options...