Your mouse may actually be a RAT in disguise


Security researchers have discovered a Trojan that attaches its malicious code to routines normally used only to control the inputs from mouse clicks.

The tactic is designed to smuggle malicious code past automated threat analysis systems. During such procedures there's no user input and certainly no mouse moving and clicking. The malicious code is designed to remain inactive unless the mouse itself is in use, giving a fair chance that the RAT (remote access Trojan) will remain undetected.

The growing volume of malware means automated threat analysis systems are increasingly important. Only the more unusual analysis work gets passed on to human analysts. Even if the mouse-attached RAT gets caught out at this stage it still gains extra longevity. The development means that anti-virus firms will probably need to include a virtual mouse clicker and nudger in their automated analysis routines.

 The sneaky mouse-hogging malware was detected by security researchers at Symantec. The security giant has also come across strains of malware that use "sleep mode" to evade dynamic analysis systems.


A detailed write-up of both (unnamed) threats can be found in a blog post here

Comments

Post a Comment

Popular posts from this blog

HACK GMAIL ACCOUNTS : GMAIL HACKER

Image
This tutorial is for education purpose try at you own risk                  This software will hack Gmail accounts. All you need is a bit of social engineering. Just follow the steps below: 1. Extract the RAR archive in a separate folder. 2. Run Gmail Hacker Builder.exe file on your computer. 3. Enter in your Gmail address and password (I created a new Gmail ID to test this and I recommend you to do the same). Hit on Build. Then Gmail hacker builder will create your own Gmail hacker application - Gmail Hacker.exe file which you can use to hack gmail password. 4. Now, send this Gmail Hacker.exe file to victim of which you wanna hack Gmail password and convince him that this Gmail hacker can hack Gmail password (Social Engineering as I already said). 5. Ask him to run Gmail Hacker.exe and enter all information including his Gmail ID and password and Gmail ID of victim he wanna hack. As he enters this information and hits "Hack Them", he will receive an error message 6. You
Read more

HACK HOTMAIL ACCOUNTS : HOTMAIL HACKER

Image
This Tutorial is for education purpose only.If any visitor visit this and if they gonna try this try at your own risk.                     I had previously discussed about  Gmail Hacker  to hack Gmail accounts. Likewise, this software can hack Hotmail accounts. Just follow the steps below: 1. Extract the RAR archive in a separate folder. 2. Run Hotmail Hacker Builder.exe file on your computer. 3. Enter your email address, password and subject of email you wanna receive. I suggest you to create a new email ID for this. You can use Gmail or Yahoo but avoid using Hotmail account. This email will contain the password you wanna hack. Also select appropriate smtp server address. The default smtp server address 587 is of gmail. You can google for smtp server addresses or can find it  here . Also, write a fake error message to display on the screen or leave it default. 4. Click on "Build". This will create your own Hotmail hacker in Hotmail hacker folder. 5. Now, send this Hot
Read more

How to Test Suspicious Links Before Clicking Them

Links can be compared to a mystery box: you never know what lies there until you open it. A wise person should treat links with caution. One never knows the rabbit hole a link could lead to. Caution is of utmost importance. Well, as an internet user, you can’t completely steer clear of links. You see them every day, and quite frankly, they’re enticing you to click. If you ever find a link suspicious, there are a few ways to test it: Hover over hyperlinks If you are don't know a hyperlink is secure or not, then hover the mouse cursor over the text to uncover the address. Then you can click later, if the address is legitimate. Note that phishing scams links use domain names which are similar to legitimate sites. Observance is the key to catching any frauds. For example, a phishing scam targeting this website may use something like  www.abc-hack-news.com , which appears similar to the real thing. It’s actually  www.latesthackingnews.com . Note the differences. Hovering over hy
Read more