Researchers recently discovered a new Trojan malware that can
record the audio, video and text communications of Skype users and steal the
files on their affected devices. It’s a new variant of the T5000 malware family
which was linked to cyber-espionage activities allegedly by the Chinese
government.
The T9000 can find a way onto a user’s computer through malicious
RTF files. It will launch a multi-stage installation process where it checks
for installed security products on the affected computer and finds a way to
bypass them. The malware then piggy backs off a legitimate Windows executable,
dropping files into the victim’s computer to steal specific types of personal
information and files.
For Skype users, the malware will present them with a dialogue box
that says “Explorer.exe wants to use Skype (Allow/Deny)”. Once allowed, it will
record video calls, audio calls and chat messages and forward them into the
cybercriminal who executed the attack.
The malware can also take screenshots of the victim’s desktop. All
of these functions have been tested and confirmed by Palo Alto Networks
researchers who discovered the existence of the T9000.
“The author of this backdoor has gone to great lengths to avoid
being detected and to evade the scrutiny of the malware analysis community,”
Palo Alto Networks said in a blog post about the T9000. The malware is
particularly advanced given that it can adapt to different situations to ensure
that it makes its way onto a targeted PC.
Culled from: LifeHacker Australia
No comments:
Post a Comment