Treacherous Trojan ‘Qakbot’ Unstoppable even after Removal

One kind of banker Trojan recently created fresh attack method that's utilizing contaminated PCs to work like control servers despite security products killing the malware's capability of stealing data.

The Trojan worm "Qakbot" proliferates via PC-networks while it filches credentials, downloads more malicious programs, and creates backdoors on PCs it contaminates. These entire activities it performs with its rootkit feature for treacherously staying concealed.

It was during late 2000s that the Trojan became noticeable. However, as a decade has passed it yet routinely causes fresh problems while currently in its latest technique of executing sinister operations, even removal of the malicious program from a contaminated network has failed to halt it. Zdnet.com posted this, June 19, 2017.

But certainly, every contaminated device isn't turned into one proxy control server. There are criteria the device must meet. One, there should be an Internet Protocol address of the device which must be within North America. Two, verification by Pinkslipbot should indicate the machine has web connection of high speed based on the Speed Test of Comcast. Three, the proxy server should be able towards creating ports on systems made for Internet gateways with the aid of UPnP (Universal Plug and Play), certain functionality that influences security decisions of end-users' Wi-Fi network.

Investigation is ongoing for figuring out the exact method utilized for knowing whether a contaminated system can be used as a proxy; nevertheless, the aforementioned three criteria believably have important roles to play.

McAfee recently shipped one software program that hunts a Pinkslipbot verified proxy server executing infections, as also eliminates malevolent port mappings.

However, according to security researchers, as Internet of Things (IoT) become common there can be more of the aforementioned kind of assaults threatening in a bigger way soon.

According to Karve, plentiful IoT appliances function via UPnP while they're continuously being deployed as well as used in numerous instances daily. With increase in their ubiquity, cyber-criminals are sure to find opportunities for exploiting UPnP in malicious operations. It's therefore advisable that end-users be wary of rules related to their local ports while keep their UPnP switched off from home routers when not needed.

» SPAMfighter News - 6/23/2017