
Trend Micro says – AutoIT Surges in Next-Generation Malware

Security firm Trend Micro notes that AutoIT, a flexible coding language that has been used since 1999 for scripting in Windows, is now turning up in next-generation malware such as a Zeus variant that efficiently steals information from FTP sites and personal certificates.

In May 2013, Trend Micro reported that AutoIT was on the rise as a development language for malware, noting that it is extremely easy to use, which permits rapid coding. It allows everything from simple scripts that alter text files to scripts that perform mass downloads with intricate GUIs. The firm said that one frequently seen piece of AutoIT tool code had been uploaded to Pastebin as a keylogger, evidence that AutoIT was going to break out in a big way.

Trend Micro notes that its suspicions have been borne out: the Zeus variant, for example, arrives with a malicious AutoIT file and junk files via spam emails. It drops a configuration file that contains a list of targeted banks and financial sites, and it also steals the additional information mentioned above.

Moreover, Trend Micro identified two additional pieces of malware using the same packer, which it detects as TSPY_CHISBURG.A and TSPY_EUPUDS.A. When TSPY_CHISBURG.A is loaded, it steals usernames and passwords from Hotmail, Pidgin, Yahoo, FileZilla and VPN/ISP credentials, among others.

Likewise, TSPY_EUPUDS.A gathers information from the infected system, such as the username, browser type and version, and OS (operating system) version. It also steals information such as user IDs and passwords stored in certain browsers. Criminals may sell the collected details in the cybercrime underground or use them to launch other attacks.

The latest AutoIT packer tool code found online can spread via removable drives, has installation routines, and checks for installed AV software on the machine. Moreover, its code contains garbage code and obfuscated functions to make it difficult to analyze. Although this malware (TSPY_CHISBURG.A and TSPY_EUPUDS.A) is old, it continues to be an effective means of stealing data, especially with the additional functions of the AutoIT packer.

Trend Micro advised users to be cautious with the emails they receive and to update their AV software regularly to guard against this malware.

» SPAMfighter News - 1/13/2014
