Report Highlights Malware and Hacking Tools
Trojan Downloader.DCM, Trojan Dumador.BC, and Looxee: A Look at Viruses and Intruders

A report by Panda Software released today looks at three examples of malware, the Trojan Downloader.DCM, the backdoor Trojan Dumador.BC, and the hacking tool Looxee.

Downloader.DCM is a Trojan that downloads Dumador.BC and runs it. Like the majority of Trojans, it must be manually distributed. Once installed on a computer, it uses a sophisticated technique to hide from any firewall that may be installed there: it creates a remote thread in the explorer.exe process, so that the firewall thinks Explorer is accessing the Internet when it is actually Downloader.DCM doing so. Once connected to the Internet, this thread deletes the downloader file, then downloads and runs another file (the backdoor Trojan) from a specific website, passing it off as a temporary file.

Dumador.BC, the file downloaded by the downloader, is a backdoor Trojan that cannot spread by itself. Its function is to allow remote control of the affected computer by opening TCP ports on it and accepting requests to run commands remotely. It also logs various user details and modifies the system hosts file to prevent the computer from accessing websites belonging to antivirus companies.

Looxee is a hacking tool that monitors and logs various activities carried out by the user of the affected computer, such as email messages sent and received, instant-messaging chats, and websites visited; it even captures screenshots, among other actions. Curiously, it has a feature that warns the user if a certain keyword is entered. This tool is not dangerous as such, but can be used for malicious purposes.

Microsoft Vulnerabilities
The report also notes that a series of vulnerabilities have been reported and are detailed by Microsoft in the bulletins MS05-025, MS05-026, MS05-027, MS05-028, MS05-029 and MS05-030.

These vulnerabilities affect various Microsoft applications and have been classified as "critical." The affected applications are Explorer, Windows, SMB (Server Message Block), Web Client Service, Outlook Web Access for Exchange Server 5.5 and Outlook Express.

About Security News Desk
SYS-CON's Security News Desk trawls the world of security for news of software, hardware, products, and services that seem likely to be of interest to infosec professionals and summarizes it for easy assimilation by busy IT managers and staff.
