Websense Security Labs Unearth New Zeus Malware Variant
Websense Security Labs has identified a recently evolved Zeus strain that borrows techniques both old and new to evade detection and siphon important data from those infected.
“In uncovering this latest iteration of the Zeus malware, Websense Security Labs researchers have shined a light on the evolving techniques of malware authors’ efforts to evade detection. Malware writers will continue to adapt and update their evasion techniques to stay just above the capabilities of most security solutions. The malware’s use of encryption and HTTPS in its command-and-control communications underscores their efforts and attempts to stay hidden. This is one reason that it is now crucial for defenders to have security tools that inspect outbound SSL traffic and prohibit the loss of data through encrypted messages,” said Surendra Singh, Regional Director - SAARC at Websense.
Zeus PIF uses a dropper that relies on the hidden Windows 'PIF' executable file extension, a technique that was used years ago and now appears to be making a comeback.
This variant persistently evolves and adapts the methodology of its information-stealing procedures (a.k.a. hooking), a process seen as evolving from the Zberp variant.