diTii.com Digital News Hub

Sign up with your email address to be the first to know about latest news and more.

I agree to have my personal information transfered to MailChimp (more information)


Storm Trojan switches tactics adds rootkit

The ongoing Storm Trojan attack that began Monday has morphed again, security researchers said today, changing the malicious file’s name, shifting to new malware hosting servers, and adding a rootkit to cloak the bot code from anti-virus software.

Spam messages attempting to dupe users into installing the bot-making Trojan now include links happycards2008.com or newyearcards2008.com, different URLs than in the second-wave attack that began Christmas Day. According to analysts at the SANS Institute’s Internet Storm Center (ISC) and U.K.-based Prevx Ltd., the name of the file users are asked to download has also changed from Tuesday’s “happy2008.exe.” The file being shilled today is tagged to “happynewyear.exe.”

More important is the behind-the-scenes addition of a rootkit to the versions of Storm now being seeded to infected machines, said researchers. Both Marco Giuliani of Prevx and an independent security researcher named Russ McRee have posted analyses of Storm’s cloaking attempt.

Full Article

Storm, Trojan, Rootkit, Spam, Spamming, Malware, Antivirus, Anti-virus

Share This Story, Choose Your Platform!

Get Latest News

Subscribe to Digital News Hub

Get our daily newsletter about the latest news in the industry.
First Name
Last Name
Email address
Secure and Spam free...