Microsoft Discovers Trojan That Erases Evidence Of Its Existence

A posting from Dark Reading: Researchers at Microsoft have spotted a Trojan downloader that does something very savvy yet rare: it deletes its own components so researchers and forensics investigators can’t analyze or identify it.

The so-called Win32/Nemim.gen!A Trojan is also unusual in that, unlike most Trojan downloaders, which are put in place to deliver the real payload, this Trojan is also the payload, according to Jonathan San Jose, a member of Microsoft’s Malware Protection Center.

But the researchers lucked out and found some pieces of the malware. “Most URLs that this trojan attempts to connect to for downloading are currently unavailable, but we got lucky and were able to find some of its components to investigate further,” San Jose says in a blog post.
