TrustDefender Describes New Variant of Torpig, the Most Infamous Trojan
According to a new report by TrustDefender Labs, a new variant of Torpig was released in 2011. Torpig is the infamous Trojan that attracted immense attention in 2008, when it was actively distributed together with another known virus, Mebroot/MBR. TrustDefender published the report on June 16, 2011.
Reportedly, in 2008 Torpig proved the most malicious of all Trojans because the vector through which it was distributed, i.e. Mebroot/Sinowal, was extremely successful at bypassing security systems.
The report states that the new Torpig variant's main enhancement is its ability to infect Windows 7 and Vista PCs, on which Microsoft's improved security systems made it extremely difficult for malware to survive; however, not sufficiently difficult. The new Torpig no longer requires administrator privileges to carry out its malicious job, and it is now fully compatible with the latest versions of both Firefox and Internet Explorer.
Torpig has one more interesting feature: it compromises Google search results and possibly performs clickjacking. Researchers noticed this happening with Carberp too, and according to them, since it generates a lot of money, the practice can hardly be regarded as insignificant.
Meanwhile, although Torpig's payload affects only the current end-user, the Trojan in fact installs another DLL, which it loads into the process using administrator privileges, if available. This implies that any end-user with administrator privileges other than the current one will get infected. But if such end-users don't have administrator privileges, then only the current end-user will get infected.
TrustDefender says that because Windows 7 and Vista have improved security solutions, it will become far simpler to detect and eliminate Torpig, but for that the end-user needs to know that his computer system is infected.
Andreas Baumhof, CTO of TrustDefender, comments that the new Torpig variant joins the growing list of extremely advanced malware, typically Trojans like SpyEye or Zeus. According to him, although Zeus has received immense publicity, it is the low-profile Trojans that have proved more effective, since they are more difficult to detect, SFGate reported on June 20, 2011.
» SPAMfighter News - 30-06-2011