The SmokeLoader malware is being used to deliver a new Wi-Fi scanning malware strain called Whiffy Recon on compromised Windows machines.
“The new malware strain has only one operation. Every 60 seconds it triangulates the infected systems’ positions by scanning nearby Wi-Fi access points as a data point for Google’s geolocation API,” Secureworks Counter Threat Unit (CTU) said in a statement
Source:: The Hackers News