Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Dell Released Fresh Details of ‘Lurk Downloader’

Scmagazineuk.com reported on 8th August 2014, stating that Brett Stone-Gross, a Security Researcher at Dell SecureWorks Counter Threat Unit (CTU), recently analyzed and released new details of a malware called 'Lurk Downloader'.

The malware depends on an algorithm drafted to lace images with links directed to command and control server in encrypted form. The images are clear and with the help of code analysis only, the supplementary elements with it could be detected.

Lurk contains two items, one is dropper DLL (Dynamic Link Library) and the other is payload DLL which can extract and execute the payload.

Softpedia.com published news on 9th August 2014, quoting Stone-Gross as saying that a closer inspection of malware shows that it has some apparently random noise which is the actual malware code extorted after calling some Windows graphics API (application program interface) functions.

It is clear from the analysis that having executed the payload DLL, the tainted computer machine is scanned automatically for the definite presence of anti-virus (AV) products which averts the installation of the malware on the on to the system.

Kafeine, a Security Researcher, first detected Lurk malware back in February 2014. Lurk's previous versions are distributed via an HTML iFrame on hijacked sites, which depend on a Flash-based exploit (CVE-2013-5330) to infect the systems of passing surfers.

The malware employs digital steganography to insert information into a picture, which helps it to evade identification within compromised situations increasing its prolonged existence and making living of security analysts difficult.

The Register published news on 8th August 2014, quoting an explanation of Stone-Gross as that the Lurk showcases the power and flexibility of this technique (referring to digital steganography) and how it can be employed to avoid network unearthing and manual inspection by malware researchers."

He added that due to Steganography it becomes extremely difficult to discover the existence of hidden data like configuration file, bot command or binary update principally in digital files. Due to this, the employment of steganography in malware may become more common in future."

The company's statement confirmed that around 350,000 machines were infected by this malware resulting a loss of quarter million dollars.

» SPAMfighter News - 8/19/2014

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page