dcsimg

FireEye Researchers Uncover BaneChant Trojan

SHARE
Share it on Twitter  
Share it on Facebook  
Share it on Google+
Share it on Linked in  
Email  

FireEye researchers recently came across new malware called Trojan.APT.BaneChant, which is delivered via a fake Word document called "Islamic Jihad.doc," indicating that it's likely being used to target Middle Eastern and Central Asian governments. According to FireEye, the malware is designed to upload information about the infected computer, then set up a backdoor for remote access.

Key features of Trojan.APT.BaneChant include the fact that it waits until it detects at least three mouse clicks before proceeding, performs a callback to a legitimate URL shortening service rather than directly to the command and control server, and waits for an Internet connection to download and execute malicious code, all to avoid detection.

"As defense technologies advance, malware also evolves," writes FireEye's Chong Rong Hwa. "In this instance, we could see that the malware has performed a number of tricks to defeat detection."

Submit a Comment

Loading Comments...