Looks for data in archives, e-mails, address books, database and documents
BitDefende, a provider of Internet security offerings, has warned against a new spying Trojan that can used as a corporate spying tool.
Describing as it ‘a serious enemy’ to corporate’s data, BitDefender said in a statement that Trojan.Spy.YEK sniffs for critical data and archives that may hold private information and sends them to the attacker, according to PC World.
BitDefender Malware researchers Doina Cosovan and Octavian Minea were quoted by PC World as saying that a spying malware in the local network of a company means danger and unfortunately the number of such threats is constantly increasing.
"With an encrypted dll in its overlay, this Trojan is easily saved in windowssystem32netconf32.dll and once injected in explorer.exe nothing can stop it from connecting (whenever necessary) to a couple of meeting spots with the attacker," the researchers said.
The new Trojan features Backdoor Spyware where the backdoor component enables it register itself as a service so as to receive and follow instructions from a command and control center, while the spyware component sends away data about files, operating system.
Trojan.Spy.YEK is capable of sending the collected files using a GET request and info regarding the operating system and computer, taking screenshots and sending the results, listing the processes on the system and finding files with a certain extension.
The researchers said that the new Trojan looks for data in archives, e-mails, address books, database and documents, and capable of running without problems on all versions of Windows from Win 95 to 7.