|
|
 |
|
|
Pages: 1
Spam Trojan Installs Own Anti-Virus Scanner
(Click here to view the original thread with full colors/images)
Posted by: Ion Silverbolt
Amazing the length they go to to improve malware:
Veteran malware researcher Joe Stewart was fairly sure he'd seen it all until he started poking at the SpamThru Trojan—a piece of malware designed to send spam from an infected computer.
The Trojan, which uses peer-to-peer technology to send commands to hijacked computers, has been fitted with its own anti-virus scanner—a level of complexity and sophistication that rivals some commercial software.
"This the first time I've seen this done. [It] gets points for originality," says Stewart, senior security researcher at SecureWorks, in Atlanta, Ga.
"It is simply to keep all the system resources for themselves—if they have to compete with, say, a mass-mailer virus, it really puts a damper on how much spam they can send," he added.
Read the whole post from Yahoo news here.
Posted by: pdnielsen
Mmmm. Clever.
Posted by: matt.modica
Wow. Reminds me of the nightmare called SpywareQuake, something similar. It uses a browser exploit to install itself as an antispyware program. It actually has a real scanner with signatures and other tools as well. It then then charges a fee to get the full version. I'm not even sure if that will let you remove it.
www.spywarequake.org (this is not the malware website, but one with a summary and removal instructions)
McAfee and a bunch of others didn't even pick up that one, I wonder if they will be able to get the signature for this one. Thats why HiJack This is so useful.
|
|
|
|
|
