@Dashrender said in DNSMessenger malware:

That's all fine and dandy my point was that this hack is currently worthless on its own it requires a previous hack in order to make this one work

The point is not how the infection was started. The point is that the infection itself is completely fileless. Never writing data to the disk.

There are multitudes of ways into a Windows system that an attacker could use to execute the initial code.