Trojan Attack Rate Growing

Wednesday, November 5, 2014 @ 08:11 AM gHale


Trojans are an effective attack tool, but there is one increasing its infection rate that stands out a bit more in how it hides on a system, researchers said.

Poweliks malware differs from others in the way it resides on a compromised machine, opting to hide as a registry subkey in the computer’s registry rather than as a file, said researchers at Symantec.

RELATED STORIES
Sandworm Patch Bypassed; ICS Targeted
SCADA Alert: Sandworm Targets Systems
Espionage Group Targets NATO, EU
Bash Attack on NAS Systems

While Poweliks is unique in how it resides on a computer, it can arrive on a computer through more common methods, such as malicious spam emails and exploit kits. Once on the compromised computer, Poweliks can then receive commands from the remote attacker.

Poweliks can arrive in the usual type of method through malicious spam emails claiming to be a missed package delivery from the Canadian Post or the U.S. Postal Service (USPS).

The Trojan also has the ability to open users to additional malware downloads, as well as steal system data, researchers said in a blog post.

One researcher that goes by the moniker Kafeine said the Angler exploit kit has been distributing Poweliks since September.



Leave a Reply

You must be logged in to post a comment.