Poweliks Trojan Virus Surging Continuously, finds Symantec

Symantec the security company has been observing a rise in infections from the Poweliks Trojan, published scmagazine.com dated November 3, 2014.

Being different from conventional malware, Poweliks rather than residing in the form of a file on an infected PC places itself inside the PC's sub-key registry.

The Trojan gets served via spam mails that pose as messages from USPS (United States Postal Service) or Canadian Postal Service even as it harms PCs via creating a backdoor for enabling more infections. Commonly, Poweliks-laced spam mails use the lure of undelivered parcel.

In its blog, Symantec wrote that whilst Poweliks Trojan was unique in its manner of remaining inside a PC, it could get installed on one via the more commonly available malicious spam mails.

Besides malware-laced spam attacks, another way by which Poweliks can get served is via exploit kits. Kafeine a security researcher states that the Angler attack toolkit was recently seen disseminating Poweliks starting September this year (2014).

Additionally, researchers from G Data a German security company documented Poweliks during July-end 2014 that shows the malware isn't any new malicious program.

Different from the usual file-less viruses, the Trojan in discussion manages in remaining active despite system reboots by utilizing a registry key that automatically starts up and thus bypasses detection by security programs.

For intercepting this kind of malware, it's essential that security software halts the medium that serves it prior to its execution, spots the consequent attack toolkit alternatively, notices the unusual behavior inside the registry where the malware resides.

Interestingly, within an earlier study about Poweliks, Threat Analyst Roddell Santos of Trend Micro another security company said that the Trojan's tactic with utilizing registry to bypass detection was crucial considering that file-dependent anti-viruses wouldn't manage in spotting any other kind of malware on the computer. Softpedia.com published this, November 3, 2014.

Santos continued that unwitting end-users, besides, wouldn't essentially check registries instead would hunt to find suspicious folders/files. Expectedly, the future would give more malware having identical characteristics while anti-viruses keep evolving.

Fortunately, according to Symantec, the threat from Poweliks is low and it's simple for restricting and eliminating the virus.

» SPAMfighter News - 11/13/2014