'Rootkit + Trojan = Increased danger'
Security firm Sana Security is currently warning users of a new type of programmed malware aimed at stealing usernames and passwords.
Security firm Sana Security is currently warning users of a new type of programmed malware aimed at stealing usernames and passwords.
' Rootkit.hearse ' malware is more dangerous than the previous types of malware that steal personal information in the way it has been applied to 'hidden' techniques of rootkits that make playback they become extremely difficult.
However, to be able to perform the 'innate' function, this type of malware must successfully break into the user's system. It is also possible that this type of malware will still use methods to trick users into downloading malicious scripts or infecting a computer through other types of malware.
Once successfully hacked into the system, ' rootkit.hearse ' will immediately send sensitive user information to a server in Russia.
' Rootkit.hearse ' has two components: a trojan helps it communicate with the server in Russia and a rootkit software makes it possible to 'hide' from security tools. Security firm Sana discovered that the malware was downloaded along with the Win32.Alcra worm.
' Rootkit.hearse ' uses concealment techniques similar to Sony BMG Music Entertainment's infamous XCP copyright protection software. This malicious software spends most of its time lying dormant in the operating system; But whenever a user accesses a website that needs authentication, it immediately activates communication with the server in Russia. It will automatically read the password and username information and send it to that server.
As of the end of last Monday, according to Sana's test results, only 5 of the 24 security products are able to detect ' rootkit.hearse '.
As of yesterday, servers in Russia have contained more than 35,000 usernames and passwords taken from more than 7,000 different websites. Sana has informed Russian Internet service providers to handle this host. However, the company refused to disclose information about that server and Internet service provider.
- McAfee launches a free rootkit removal tool
- Vista: block Rootkit attacks on the operating system core
- Appears a trojan ...
- Alarm of dangerous bot, Trojan infection rate
- The fake Trojan add-on Trojan is extremely dangerous
- The Trojan couple has increased spam spread rates
- Learn about hidden threats: Rootkit and Botnet
- The new Trojan bypasses the virtual keyboard face
- New Trojan forged McAfee
- Sony compensates CDs 'rootkits'
What is the Snapdragon SiP chip? How to create a yellow circle around the mouse cursor on Windows Edit the Boot.ini file in Windows XP 3 ways to restart the remote computer via the Internet Vietnam computer market: Looking back a year How to restore deleted applications on Android How to increase the capacity of C drive on Windows 10, 8, 7 ... 8 security features of Windows operating system