Slashdot Mirror


New Remote Access Trojan Used In Cyberespionage Operations (csoonline.com)

itwbennett writes: Researchers from Arbor Networks have discovered a new remote access Trojan, dubbed Trochilus, whose detection rate was very low among antivirus products. The malware was discovered while the researchers were investigating attacks in Myanmar that were launched from compromised government websites. While the Myanmar attacks provided initial insights into the group's operations, additional research revealed that the hackers' activities extend beyond that country.


  1. Trochilus sucks by turkeydance · · Score: 1

    they found it

  2. This is why I do everything on my iPhone by Anonymous Coward · · Score: 1, Funny

    It's ultra secure, free of malware and on top of that - it totally doesn't have a government backdoor because Apple said it didn't. I use it for all my secret stuff and am safe and happy!

  3. Hackers??? by jcbarlow · · Score: 3, Insightful

    Perhaps we should just retire the word "Hacker" in this context and replace it with a more accurate term like "Spy". It's pretty obvious that this is espionage.

    1. Re:Hackers??? by GrumpySteen · · Score: 1

      I think you mean "cyberspies" since this is about cyberespionage. But cyberspies can be cyberhackers, too (and they're all cyberpatriots who protect our cybershores from cyberterrorists).

  4. Did I miss something? by sims+2 · · Score: 1

    It's a new Trojan, so? How did it get on the machine? Did they use a zero day exploit? That would be news.

    IIRC a Trojan just installs something else when run; something else had to put it on the system. Typically a drive-by exploit from an ad network.

    I could make an AutoIt script that would download and install Microsoft Office while claiming to install LibreOffice. You could call that a Trojan too, right?

    --
    Minimum threshold fixed. Thanks!

    1. Re:Did I miss something? by AHuxley · · Score: 4, Insightful

      The linked "Uncovering the Seven Pointed Dagger" has some interesting information on what was of interest (Special Economic Zones (SEZs) in Myanmar) and what was discovered.
      https://asert.arbornetworks.co...
      The ability to evade detection is interesting: it likes to stay in memory and is resistant to simple malware detection. It has remote uninstall, upload and download, and could move within target networks.

      --
      Domestic spying is now "Benign Information Gathering"

  5. Cool! by sunderland56 · · Score: 1

    Wow, I know that robotic technology and haptic feedback were advancing quickly, but a remote access Trojan? Is there a public beta?

    1. Re:Cool! by Applehu+Akbar · · Score: 1

      The bad news is that the first application will be a parental lockout.

  6. Trojan launched from compromised websites .. by tetraverse · · Score: 1

    Trojan launched from compromised websites and is only exploitable on Microsoft Windows.