Date:11/02/16
“The malware goes to great lengths to identify a total of 24 potential security products that may be running on a system and customizes its installation mechanism to specifically evade those that are installed,” wrote Palo Alto Network’s Josh Grunzweig and Jen Miller-Osborn. “It uses a multi-stage installation process with specific checks at each point to identify if it is undergoing analysis by a security researcher,” they said.
By recording conversations, T9000 has the ability to potentially steal sensitive personal details and private documents. The author of the malware hasn’t been uncovered but the brains at Palo Alto believe it has been used in several targeted attacks in the United States. The company says it has made the information public to help prevent others from falling prey.
"The author of this backdoor has gone to great lengths to avoid being detected and to evade the scrutiny of the malware analysis community. “We hope that sharing the details of how this tool works as well as the indicators in the section below will help others defend themselves against attacks using this tool,” explains the company. Palo Alto recommends that users be wary of a request by a program called “explorer.exe” to use Skype. It’s this program that allows the malware to capture video, text and audio files.
Skype, which is owned by Microsoft , has become one of the most popular video chatting programs and last year saw about 4.9 million active users daily – despite competition from the likes of Facebook and WhatsApp.
Sophisticated new malware spies on conversations and hides from anti-virus software
A treacherous new strain of malware targeting Skype conversations has been uncovered by security researchers. Known as ‘T9000’, it has the ability to record video conversations and take screenshots of people using the software to chat to each other. Worryingly, the experts at Palo Alto Networks who discovered the Trojan say it is able to dodge most common anti-virus programs.“The malware goes to great lengths to identify a total of 24 potential security products that may be running on a system and customizes its installation mechanism to specifically evade those that are installed,” wrote Palo Alto Network’s Josh Grunzweig and Jen Miller-Osborn. “It uses a multi-stage installation process with specific checks at each point to identify if it is undergoing analysis by a security researcher,” they said.
By recording conversations, T9000 has the ability to potentially steal sensitive personal details and private documents. The author of the malware hasn’t been uncovered but the brains at Palo Alto believe it has been used in several targeted attacks in the United States. The company says it has made the information public to help prevent others from falling prey.
"The author of this backdoor has gone to great lengths to avoid being detected and to evade the scrutiny of the malware analysis community. “We hope that sharing the details of how this tool works as well as the indicators in the section below will help others defend themselves against attacks using this tool,” explains the company. Palo Alto recommends that users be wary of a request by a program called “explorer.exe” to use Skype. It’s this program that allows the malware to capture video, text and audio files.
Skype, which is owned by Microsoft , has become one of the most popular video chatting programs and last year saw about 4.9 million active users daily – despite competition from the likes of Facebook and WhatsApp.
Views: 615
©ictnews.az. All rights reserved.Similar news
- Cellphone Use May Raise Cancer Risk
- Australian police pushes cyber safety education
- Vietnam aims to lead in e-government
- Senate Website Gets Hacked
- US builds net for cyber war games
- Japan enacts anti-computer virus law
- India passes law vs e-waste
- Anonymous Declares War On The City Of Orlando
- Microsoft highlights evolving dangers as online identity data proliferates
- Consumers want internet security to be provided by banks
- Government facilities targets of cyber attack
- South Korean web attacks might been war drill
- Sri Lanka to Establish National Passport Database to Increase Border Security
- Hi-tech crime agencies set to employ information security professionals
- Phone hacking and online campaign bring down the News of the World