New Trojan Misuses the TeamViewer Remote Control Program: ESET
Security researchers at the security company ESET report that they have detected a new PC Trojan that bundles TeamViewer, the well-known remote control program, to let attackers carry out illegal Internet banking transactions through infected PCs.
TeamViewer, which is free of charge, is normally used to provide remote help and remote control over PCs that users connect to the Internet.
Researchers from Information Security Group (Group-IB) originally discovered the malware while conducting a forensic examination of the computers used by a Russian company that had been defrauded.
Security researchers at ESET then analyzed it and named it Win32/Sheldor.NAD. Some 50% of the AV engines on VirusTotal were found capable of detecting it.
The malicious program installs a backdoor in the Windows directory along with a TeamViewer 5 server, which it runs in console mode.
The TeamViewer server is included for a specific reason: to help evade banks' additional authentication techniques. Many Internet banking systems develop PC signatures, particularly for business clients, and accept validation from those PCs. Because the fraudulent transactions are then made through the victim's own PC, they carry the signature the bank expects.
Attacks of this kind are the reason banking Trojans have increased in recent periods, as PandaLabs, another security company, outlines in its "2010 Annual Security Report." In that report, Panda Security states that during 2010 cyber-criminals designed and spread over 33% of all the malware programs that the company has ever categorized. It also mentions that banking Trojans accounted for the largest number of threats, at 56%. Based on these findings, the company forecasts that banker Trojans will remain the most widespread malicious programs in the threat landscape of 2011 too.
Security researchers comment that, with malicious software like the one ESET has just analyzed emerging, the forecast by PandaLabs appears to be coming true.
They therefore urge users to stay on guard against the Trojan by making sure that their PCs don't accidentally copy it; ensuring that their anti-virus applications are up to date; scanning their systems fully for viruses; and finally cleaning the value out of their registry.
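The behaviour described above, a TeamViewer server started from the Windows directory, can be checked for in process-creation logs. The following Python is an added example, not code from ESET, Group-IB or the original article; the event field names follow Sysmon's process-creation event, and the install directories, host names and the file name `svc_helper.exe` are constructed assumptions.

```python
import ntpath

# Assumed default install locations; adjust to the software inventory in use.
EXPECTED_DIRS = (r"C:\Program Files\TeamViewer", r"C:\Program Files (x86)\TeamViewer")
WINDOWS_DIR = r"C:\Windows"

def _under(path, root):
    """True if path lies inside root (case-insensitive, Windows path semantics)."""
    path = ntpath.normcase(ntpath.normpath(path))
    root = ntpath.normcase(ntpath.normpath(root))
    return path.startswith(root + "\\")

def is_teamviewer(event):
    """Match on version-info Product first so a renamed binary is still seen."""
    product = event.get("Product", "").lower()
    name = ntpath.basename(event.get("Image", "")).lower()
    return "teamviewer" in product or name.startswith("teamviewer")

def classify(event):
    """Return 'alert', 'review', 'expected', or None for non-TeamViewer events."""
    if not is_teamviewer(event):
        return None
    image = event.get("Image", "")
    if _under(image, WINDOWS_DIR):
        return "alert"      # remote-control server running out of the Windows directory
    if any(_under(image, d) for d in EXPECTED_DIRS):
        return "expected"
    return "review"         # portable or relocated copy: confirm with the user

# Constructed sample events (not taken from the incident in the article).
SAMPLE_EVENTS = [
    {"Host": "ws-01", "Image": r"C:\Program Files (x86)\TeamViewer\TeamViewer.exe", "Product": "TeamViewer"},
    {"Host": "ws-02", "Image": r"C:\WINDOWS\svc_helper.exe", "Product": "TeamViewer"},
    {"Host": "ws-03", "Image": r"C:\Users\kim\Downloads\TeamViewer.exe", "Product": "TeamViewer"},
    {"Host": "ws-04", "Image": r"C:\Windows\System32\notepad.exe", "Product": "Microsoft Windows Operating System"},
]

def triage(events):
    """Return (host, image, verdict) for every TeamViewer launch that is not expected."""
    out = []
    for ev in events:
        verdict = classify(ev)
        if verdict in ("alert", "review"):
            out.append((ev["Host"], ev["Image"], verdict))
    return out

if __name__ == "__main__":
    for host, image, verdict in triage(SAMPLE_EVENTS):
        print(f"{verdict:6} {host} {image}")
```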
» SPAMfighter News - 25-01-2011