Symantec Detects Trojan Designed for Latest Windows OSs
Researchers from Symantec the security company are reporting about one Trojan malware they have identified as Backdoor.Makadocs, which's disseminated using social engineering tricks as well as certain crafty Word files. The malware reportedly may successfully contaminate Windows Server 2012 and Windows 8 the most recent operating systems of Microsoft.
Essentially according to the researchers, the Trojan creator has revised the malware for affecting Windows Server 2012 and Windows 8, however, hasn't done anything in particular to make it risky for the said OSs thus far. This isn't something unlikely given that the OSs have found release only recently in October 2012 (not even a month has passed). Interestingly, they're already being widely used, while cyber-criminals have seized upon to act speedily.
Furthermore, the Trojan authors have leveraged Google Docs to make the malware still more charismatic. These are used for making sure communication is crystal clear between the computer that Backdoor.Makadocs compromises and collects data from, and the remote C&C server that issues commands to the Trojan.
Backdoor.Makadocs manages to act effectively owing to Google Docs that has certain "viewer" function, which extracts material from another URL that it then displays, in the process letting the victim see various file types inside his Web-browser.
The Trojan while violating Google's policies uses the Google Docs function for establishing a connection with its command-and-control system and possibly preventing the discovery of the same. The linkage with Google Docs' online computer is encoded with the help of HTTPS; consequently, locally blocking it, is made difficult.
Incidentally, Google can stop the said linkage with the help of a firewall.
As per the security company, the Backdoor.Makadocs comes in the form of RTF (Rich Text Format) alternatively an MS Word file.
Luckily, the majority users find Backdoor.Makadocs as targeting chiefly Brazil-based Internauts. Yet, other global users should remain vigilant about any dubious appearing files. Symantec consumers essentially are likely to find Makadocs reveal itself as "Trojan.Dropper."
Eventually, according to the company, for staying safe from getting infected with Makadocs, it's important to have the most recent security patches deployed onto ones' PC while having his anti-virus definitions updated.
Related article: Symantec Reports: Microsoft’s Vulnerability genesis of New Worm
» SPAMfighter News - 26-11-2012