Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


G-Data Uncovers Malware Sample so far Undetected Since 2012

G-Data has just detected one malware strain which was thus far undetected from 2012. Dubbed as Win32.Trojan.IcoScript.A, the malicious program represents an early RAT (remote administration tool); however, there's one special method for it to interact with its command-and-control (C&C) system. The malware, which's highly modular, exploits Gmail and Yahoo, well-known web platforms while communicating with its C&C.

It utilizes Microsoft Windows' Component Object Model mechanism for manipulating Internet Explorer while carrying out HTTP queries destined for distant software and service. The malware has scripting language of its own with which it performs tasks.

IcoScript is unique in that it establishes linkage with an account on Yahoo Mail that the malware's creators control, for taking directions that are kept within differently-constructed electronic mails inside the inbox. For corporate environments, there's hardly ever blockage in accessing Web-mails, with the traffic not really regarded as dubious.

Besides, the malware's form of being modular enables attackers towards moving onto yet another Web-mail facility, say Gmail, without difficulty, alternatively even for utilizing LinkedIn/Facebook also popular services for regulating the malware, given blockage of communication is low-risked.

Paul Rascangeneres, Researcher with G-Data explains that incident response groups normally control the IcoScript type of malware through the blockage of URL that is hosted on any proxy server. But, with IcoScript, in particular, URLs aren't so easy to block, as their origin is from trustworthy services' servers. IcoScript's efficiency can enhance once attackers employ differentiated means for their C&C while creating the malware's multiple samples for utilization of unspecified counts of social-networking websites, lawful Web-mail services as well as cloud storage facilities, Rascangeneres claims. Threatpost.com published this, August 4, 2014.

The researcher continues that only when there's real-time network flow that incident response groups' control of the malware should be performed, a mechanism that's more difficult to realize as well as to keep. The implication is that attackers are aware of the groups' style of working as also that they may so make their communication that it becomes both costly and complex for detecting as well as controlling the malware, he concludes. Securityweek.com published this, August 4, 2014.

ยป SPAMfighter News - 8/11/2014

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page