Fresh Backdoor Trojan Getting Employed in Attacks Against South Korean Companies, Warns Symantec

According to Symantec the security company, one fresh and treacherous backdoor Trojan is targeting organizations in South Korea with which the attackers gain complete hold over the contaminated PCs; reported cio.com in news on October 27, 2015.

Symantec explains that although the Trojan, which is called Duuzer, is not exclusively aimed at South Korean targets, still it appears the manufacturing industry of the country is a particular choice for the hacker cabal perpetrating the attacks.

Presently, it is not clear what way the Trojan virus is spreading; however, there is a strong perception that it's getting distributed through watering hole and spear phishing assaults.

Duuzer, which becomes active on both 64-bit as well as 32-bit computers, examines if Virtualbox and VMware type virtual systems exist because then researchers won't be able to detect the malware prior to it doing its sinister tasks. In another technique by which the Trojan counteracts detection is giving it a new name after some genuine software that's already present on the host system.

Moreover, Symantec observed that the attackers seemed as running commands on the infected PCs, not in an automatic manner, via the backdoor. Within a particular instance, the attackers even designed one disguised edition of their malicious program, while in another they tried but failed in destabilizing SEP (Symantec Endpoint Protection).

Evidently according to Symantec researchers, Duuzer has a connection with two more malicious programs namely Joanap and Brambul which too have been employed during assaults on South Korean organizations. These two usually run together as well as typically help in logging and maintaining watch over the contaminated computers from the remote. All the three's level of risk is low even as they're merely one meager proportion of several malware samples targeting in South Korea.

Despite so businesses and individuals are recommended to deploy firewall that would stop any online connection to services which must not be freely obtainable, utilize complex passwords that are hard to crack, and educate employees on how not to view unexpected attachments in electronic mails else other messages, to protect their systems against the said malware's infection and resultant compromise.

» SPAMfighter News - 11/5/2015