2007: Super sophisticated Trojan will be raging

The extremely sophisticated technique that this Trojan uses will become popular in 2007, a security expert warns.

Named " Rustock ", the Trojan family first appeared almost a year ago. " The technique that Rustock uses will become the platform for malware in the future. Attackers are checking which technique is effective for replicating the model. Therefore, we anticipate Rustock will overflow. flooded in the future, "said expert Patrick Martin of Symantec.

A feature of Rustock and its reliance on a lot of modern rootkit tools to hide from security software. In addition, it also has the ability to change like a chameleon when infecting a file.

" Any malware has to find a way to infiltrate the system, stick to it, and download anything its author specifies, " Martin said, outlining the three most important tasks of all types of software. destructive. According to him, Rustock met all three "virtues" at an extremely high level.

Super sophisticated

Picture 1 of 2007: Super sophisticated Trojan will be raging Source: Techtree As soon as one foot is placed in the system, it will dig hard to get inside. The better the security tools, the longer the Trojan's lifetime in your computer is and the more profitable it is for the owner.

Like many other popular Trojans, Rustock is designed to spread spam from Zombie computer networks. Its "expertise" is picture spam, the problem has suddenly increased in quantity during the past October 2 and November 11.

Rustock "sticks" to the 32-bit core of Windows and obstructs some APIs (Application Programming Interfaces) to hide the new registry code and the files it installs on the computer.

Besides, it is also equipped with some features of rootkit detection software, making it difficult for security tools to sniff out. And yet, Rustock also has the ability to change the functions of some parts of Windows to bypass the firewall.

Rustock constantly transforms, this is a very popular hacker technique before. " It's like a polyphonic ringtone, " which means that while the original algorithm is still intact, the code that represents them changes every time a new file is infected.

Trong Cam