Digital Edition

SYS-CON.TV
Report Highlights Malware and Hacking Tools
Trojan Downloader.DCM, Trojan Dumador.BC, and Looxee: A Look at Viruses and Intruders

A report by Panda Software released today looks at three examples of malware, the Trojan Downloader.DCM, the backdoor Trojan Dumador.BC, and the hacking tool Looxee.

Downloader.DCM is a Trojan that downloads Dumador.BC and runs it. Like the majority of Trojans, it must be manually distributed. When it is installed on a computer, it uses a sophisticated technique to hide from any firewalls that can be installed on the computer: It creates a remote run thread associated to the process explorer.exe, so that the firewall thinks that Explorer is accessing the Internet, when Downloader.DCM is actually accessing. When it connects to the Internet, this thread deletes the downloader file and downloads and runs another file (the backdoor Trojan) from a specific website, pretending to be a temporary file.

Dumador.BC, the file downloaded by the downloader, is a backdoor Trojan that cannot spread by itself. Its function is to allow remote control of the affected computer by opening TCP ports in the computer and receiving remote run command requests. It also logs different user details and modifies the system hosts file to prevent the computer from accessing the websites belonging to antivirus companies.

Looxee is a hacking tool that monitors and logs different activities carried out by the user of the affected computer, such as the email messages sent and received, chats via instant messaging, websites visited and it even captures screenshots, among other actions. Curiously, it has a characteristic that warns the user, if a certain keyword is entered. This tool is not dangerous as such, but can be used for malicious purposes.

Microsoft Vulnerabilities
The report also notes that a series of vulnerabilities have been reported and are detailed by Microsoft in the bulletins MS05-025, MS05-026, MS05-027, MS05-028, MS05-029 and MS05-030.

These vulnerabilities affect various Microsoft applications and have been classified as "critical." The affected applications are Explorer, Windows, SMB (Service Message Block), Web Client Service, Outlook Web Access for Exchange Server 5.5 and Outlook Express.

About Security News Desk
SYS-CON's Security News desk trawls the world of security for news of software, hardware, products, and services that seems likely to be of interest to infosec professionals and summarizes them for easy assimilation by busy IT managers and staff.

In order to post a comment you need to be registered and logged in.

Register | Sign-in

Reader Feedback: Page 1 of 1



ADS BY GOOGLE
Subscribe to the World's Most Powerful Newsletters

ADS BY GOOGLE

As DevOps methodologies expand their reach across the enterprise, organizations face the daunting ch...
As Marc Andreessen says software is eating the world. Everything is rapidly moving toward being soft...
ChatOps is an emerging topic that has led to the wide availability of integrations between group cha...
You know you need the cloud, but you’re hesitant to simply dump everything at Amazon since you know ...
Is advanced scheduling in Kubernetes achievable?Yes, however, how do you properly accommodate every ...
The cloud era has reached the stage where it is no longer a question of whether a company should mig...
The need for greater agility and scalability necessitated the digital transformation in the form of ...
In his keynote at 18th Cloud Expo, Andrew Keys, Co-Founder of ConsenSys Enterprise, provided an over...
Coca-Cola’s Google powered digital signage system lays the groundwork for a more valuable connection...
In his session at 21st Cloud Expo, Raju Shreewastava, founder of Big Data Trunk, provided a fun and ...
While some developers care passionately about how data centers and clouds are architected, for most,...
"Since we launched LinuxONE we learned a lot from our customers. More than anything what they respon...
DevOps is under attack because developers don’t want to mess with infrastructure. They will happily ...
"As we've gone out into the public cloud we've seen that over time we may have lost a few things - w...
In his session at 21st Cloud Expo, Michael Burley, a Senior Business Development Executive in IT Ser...
Sanjeev Sharma Joins June 5-7, 2018 @DevOpsSummit at @Cloud Expo New York Faculty. Sanjeev Sharma is...
We are given a desktop platform with Java 8 or Java 9 installed and seek to find a way to deploy hig...
"I focus on what we are calling CAST Highlight, which is our SaaS application portfolio analysis too...
"Cloud4U builds software services that help people build DevOps platforms for cloud-based software a...
The question before companies today is not whether to become intelligent, it’s a question of how and...