Trojan Lurk was Hosted and Downloadable from Ammyy Admin Website


Security researchers from Kaspersky Lab found that attackers were using the Ammyy Admin website to carry out drive-by download attacks, with the aim of planting a Trojan called Lurk along with other malicious programs. Ammyy Admin is legitimate software that people use to access desktops remotely. The software's website was hosting Lurk, which could be downloaded unhindered. The Trojan displayed a screen imitating Ammyy Admin's installation process, according to a Kaspersky blog post dated July 18, 2016.

Ammyy Admin is especially useful to Russian banks and high-profile companies. However, it has also been exploited by fraudsters, such as phone scammers. Many security software companies consider Ammyy to belong to the family of PUPs (potentially unwanted programs). Theregister.co.uk reported this on July 19, 2016.

The attackers' compromise of the Ammyy Admin website took place in February, Kaspersky Lab notes. The site was recovered, but the compromises continued. In April this year, a fresh version of Lurk was detected, again tainting the download process of the Ammyy Admin software. As always, the Lurk variant would first check whether the target computer belonged to a corporation before proceeding with its subsequent activities.

At the beginning of June, Russian officials arrested the Lurk controllers, who were thought to have stolen an estimated $45m (3bn rubles). Immediately before that arrest, Kaspersky researchers spotted a different type of malicious program, the Trojan Fareit, infecting Ammyy Admin's site. That Trojan was, however, removed and the website cleaned.

Taking a cue from the above incidents, Tim McElwee, President of security firm Proficio, told SCMagazine.com by e-mail that organizations needed to deploy enhanced security measures in addition to the basic ones to make sure their websites didn't get hacked.

McElwee elaborated that it was astonishing, on the other hand, that many organizations didn't even make use of basic security safeguards, like IDS/IPS, a/v and firewalls. He continued that it was extremely important for all organizations to make sure that their security practices included the use of basic security software first. That way an attack could be wholly controlled so far as its mitigation was concerned, while being the right way to deal with it.

» SPAMfighter News - 7/26/2016
