A Port Scanner, when integrated into malware, acts as a reconnaissance tool. Its core function is to probe a system or network, identifying open ports and the services listening on them. By scanning specific port ranges, the malware can discern potential gateways into further system exploitation. For cybercriminals, this feature is invaluable during post-exploitation stages, particularly for privilege escalation or lateral movement. If a high-privilege service is detected, it could be a prime target, especially if it's susceptible to known vulnerabilities or if the malware has already harvested relevant credentials. In essence, a Port Scanner aids malicious actors in widening their sphere of influence within a compromised environment.

Categories Privilege Escalation, Lateral Movements
Dangerousness Medium

Associated with Releases