The Trojan makes sure the second desktop is hidden from sight.
A new Trojan, SectopRAT, has appeared in the wild which is able to launch a hidden secondary desktop to control browser sessions on infected machines.
The new malware was first
spotted by MalwareHunterTeam. In a tweet on 15 November, MalwareHunterTeam said the C# malware, compiled on 13 November, was able to "create [a] hidden desktop and run [a] selected browser there with full control."
This caught the attention of cybersecurity researchers
from G Data, who were able to obtain a second sample, compiled on 14 November, later submitted to Virustotal