> <i>The SecureWorks team initially found the database by using the virus scanning tool VirusTotal to search for suspicious email attachments.</i><p>I feel like they left out a couple of reverse-engineering/hacking steps here. Or is it true, does VirusTotal have such capabilities and I am just ignorant?
This IEEE Spectrum article is bordering on blogspam. They don't link to the original article, which is IMO better in every regard (and very interesting):<p><a href="https://www.secureworks.com/research/wire-wire-a-west-african-cyber-threat" rel="nofollow">https://www.secureworks.com/research/wire-wire-a-west-africa...</a>