Coreflood Trojan Compromises Computers to Steal Information
Security experts at SecureWorks revealed that they found a malicious program called the Coreflood Trojan, created by a Russian group of malware writers. The Trojan is capable of recording keystrokes as well as stealing details of computer users.
According to the experts, the Coreflood Trojan, once it infects a computer network, collects as much as 500 GB of data over a period of a year or slightly more and transmits it to a remote crime server. The security analysts also found that Coreflood's operators are extremely interested in recording the name of the target company and copying its Windows machine's registration details. According to them, the attackers know very well the name of the organization they are attacking.
Further, the experts said that a unique aspect of Coreflood is that the Trojan captures screen information along with passwords, which allows members of the criminal gang to view information such as bank balances without using the stolen account credentials.
Also, this recent type of attack, discovered after an intense analysis, indicates that hardly any progress has been made in mitigating the threat from botnets. Botnets are networks of compromised PCs that are used to distribute spam, capture passwords and cause other kinds of damage, particularly at the administrative level, implying that users are at risk while working at office desktops.
Meanwhile, Stewart of SecureWorks expressed concern about the increase in malware and its activities, while Rick Wesson, Security Specialist at Support Intelligence, San Francisco, said that the infection rate continues to be high. However, he added that corporations' concern is low, as many of them think it no big hassle to get infected a number of times in a month, as reported by The New York Times on August 5, 2008.
Finally, according to the security experts, the new Coreflood blow is a result of the manner in which networks of computers are administered. In such networks, authority is centralized and automated program updates are used for large numbers of systems, leaving the security of users at risk at the office and at home.
» SPAMfighter News - 22-08-2008