Trojan Executes with Left Mouse Click

Monday, December 17, 2012 @ 04:12 PM gHale


There is now a Trojan that relies on a mouse hooking function to evade sandbox environments.

Attackers understand automated analysis systems don’t use the mouse, so they developed their Trojan so they come into play only when the system detects mouse movement.

RELATED STORIES
Malware Poses as Trend Micro AV
Backdoor Found at NDIS Level
Necurs Malware Growing
Chrome Wards Off BlackHole

Upclicker’s malicious code executes only after the user clicks the left mouse button and releases it, said researchers at security firm FireEye.

Upclicker establishes malicious communication only when the user performs this particular action.

A couple of months ago, experts from Symantec identified a similar Trojan which relied on mouse actions to determine whether or not it was being monitored by security experts.



Leave a Reply

You must be logged in to post a comment.