Browse > Home / Blog article: New Storm Trojan attacks

New Storm Trojan attacks

By Janine de Blois

January 1, 2008

New versions of Storm Trojan attack have surfaced. Using different servers, the infected file names have also changed.

SANS Institute’s (ISC) and Prevx have identified a new infected download as “happynewyear.exe,” which has replaced “happy2008.exe”.

Storm attempts to cloak itself using a rootkit which enables it to hide from anti-virus programs. It has no visible running processes.

Marco Giuliani of Prevx and Russ McRee, an independent security researcher have posted their analyses online.

According to Giuliani, at least some security software is able to detect Storm as the rootkit is relatively old. Security companies are updating their software, but the fake domains remained active.

Since the newest Storm attacks begin the code has repacked hundreds of times enabling the malware to bypass signature-based anti-virus software. More than 400 variants are currently in circulation.

Click here to discuss this: Security Forums

Filed Under Malware 
Tagged:



Add to Bookmarks:

ADD TO DEL.ICIO.US     ADD TO DIGG     ADD TO FURL

ADD TO STUMBLEUPON     ADD TO YAHOO MYWEB     ADD TO GOOGLE     ADD TO SPURL


Related posts to "New Storm Trojan attacks":



Comments

Got something to say?





Visited 170 times, 1 so far today