Mandiant, Inc.
System and method for detecting and remediating a cybersecurity attack

Abstract:

According to one embodiment, a computerized method is directed to neutralizing callback malware. This method involves intercepting a message directed to an endpoint device, where the message is in response to a callback message sent from callback malware operating on the endpoint device. Thereafter, a first portion of information within the message is substituted with a second portion of information. The second portion of information includes code that is configured to overwrite at least a portion of the callback malware and cause the callback malware to become inoperable or mitigate its operability.