Potentially deadly Trojan is a modified security solution

Jack

Administrator
Thread author
Verified
Staff Member
Well-known
Jan 24, 2011
9,377
An interesting tactic for hiding a Trojan has recently been spotted by Symantec researchers.

Instead of using entirely their own malicious code, the malware authors have decided to take advantage of the code belonging to the KingSoft WebShield browser protection software (part of the KingSoft Internet Security solution).

"The interesting part of this package is in its configuration, which allows an opportunity for malicious intent," explains researcher Éamonn Young. "Kingsoft WebShield has the ability to lock the home page to a specific domain as well as to redirect URLs based entirely on plain text configuration files. This means that a person with malicious intent can repackage it using malicious configuration files and use this as a home-made Trojan package."


More details - link
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top