iEntry 10th Anniversary RSS Archive

IT Management Begins With Security
SecurityProNews > Insider Reports > Insider > Trojan Hiding In Legitimate Security Software
Search:
[ insider_reports_insider ]

Trojan Hiding In Legitimate Security Software



John Vinson
Staff Writer
2011-03-03

SecurityProNews: Insider Reports Insider Reports RSS Feed


If one wanted to be clever, they could call this a "double trojan". The latest piece of malware discovered by Symantec could be a look into the next evolution in malicious software. What if trojans could hide themselves in actual legitimate software code?

Trojan Hiding In Legitimate Security Software
Trojan Hiding In Legitimate Security Software
An obvious outcome would be the trojans would be nearly impossible to identify preemptively. Beyond the information being released as to what software was causing the trojan.

The trojan in the spotlight hid itself in a chinese developed security software called KingSoft WebShield. The malware is also believed to have been developed in China as well.

The implementation of the trojan is a simple process. All of the code is exactly the same as the KingSoft Webshield, only a couple of files were added to allow the trojan access to the infected computer.

Éamonn Young, a Symantec researcher explains exactly what the trojan is capable of, "Kingsoft WebShield has the ability to lock the home page to a specific domain as well as to redirect URLs based entirely on plain text configuration files. This means that a person with malicious intent can repackage it using malicious configuration files and use this as a home-made Trojan package."

The trojan itself isn't the true danger, as all it really does is provide an annoyance to users when browsing the internet. The danger doesn't lie with the trojan, but the tools it used get itself transferred to the computer.

The KingSoft WebShield works perfectly when downloaded, which makes it hard for users to find out what caused their recent bit of malware. This is where the true danger lies. Imagine if a more devastating malware was relayed through the trojan, and finding the solution was harder to discover due to how it's hidden.

The simplicity of the solution created by the KingSoft WebShield trojan could certainly inspire others to follow suit. Leading to an influx of legitimate security software codes to be breached. If we can't even trust our security softwares, the prospect of PC security certainly falters.


About the Author:
John Vinson is a writer for numerous newsletters, and tech related websites.

More insider_reports_insider Articles

SecurityProNews: Insider Reports Insider Reports RSS Feed

Get Your Site Submitted for Free in the World's Largest B2B Directory!

Email Address:
* URL:
*
*Indicates Mandatory Field

Terms & Conditions

iEntry Featured Services: Jayde Member Services | Forums | Freeware | Advertise with Us

Contact Us | Advertise | Newsletter Archive | Sitemap | Submit an Article | News Feeds
SecurityProNews is an iEntry, Inc.® publication - $line) { echo $line ; } ?> All Rights Reserved | Privacy Policy and Legal		 Join the WebProWorld Forums: Click Here
Virus Warnings

Subscribe to
SecurityProNews FREE!


[ more newsletters ]

Featured On:
article resources
Search Articles:
[advanced search]

WebProWorld.com
Get in-touch with industry experts and leaders
Post your site for review by expert and peers
Ask Security, IT, Development and Design questions

Free Membership: Join Now!

Visit WebProWorld.com

Titan Quest Forum
The #1 Titan Quest forum
Halo 3 Forum
The best Halo, Halo 2, Halo 3 forum
Nintendo Wii
Nintendo Wii news and views
Mac Software
The best in OS X freeware
Graphics Forum
Your source for graphic tutorials
SecurityProNews.com | Breaking eBusiness News Get Your IT Questions Answered - Click Here SecurityProNews News Feeds