Microsoft Discovers Trojan That Erases Evidence Of Its Existence
A posting from Dark Reading: Researchers at Microsoft have spotted a Trojan downloader that does something very savvy yet rare: it deletes its own components so researchers and forensics investigators can’t analyze or identify it.
The so-called Win32/Nemim.gen!A Trojan is also unusual in that, unlike most Trojan downloaders, which are put in place to deliver the real payload, this Trojan is also the payload, according to Jonathan San Jose, a member of Microsoft’s Malware Protection Center.
But the researchers lucked out and found some pieces of the malware. “Most URLs that this trojan attempts to connect to for downloading are currently unavailable, but we got lucky and were able to find some of its components to investigate further,” San Jose says in a blog post.