Comment by scotty79

2 days ago

> Traditional security doesn't catch this.

> const backdoorCode = crypto.AES.decrypt( "U2FsdGVkX1+LgFmBqo3Wg0zTlHXoebkTRtjmU0cq9Fs=", "ERROR_FILE" ).toString(crypto.enc.Utf8);

Really? Isn't random garbage string pretty strong indication of someone doing something suspicious?

1 comment

scotty79

Reply
pixl97  1 day ago

I mean there are a number of tools that look for things like high entropy strings and other crypto keys.