Monday, January 25, 23:39

Taidoor: new Chinese malware strain

Three US government agencies report that a new malware strain, called Taidoor, has been used in recent security breaches by hackers working for the Chinese government.


The announcement was released by CISA, the Department of Defense Cyber Command (CyberCom) and the Federal Bureau of Investigation (FBI).

The three agencies have recently started working together to release joint reports on new threats emerging on the Internet. The first joint alert was issued in February, when the three agencies warned of six new malware strains developed by North Korean hackers.

Their latest joint alert, however, warns of new malware from China.

It is called Taidoor, comes in versions for 32-bit and 64-bit systems, and is usually installed on a victim's system as a DLL. This DLL contains two other files.

"The first file is a loader, which starts as a service. The loader decrypts the second file and executes it in memory, which is the main Remote Access Trojan (RAT)."

The Taidoor RAT is then used to give Chinese hackers access to infected systems, where they can exfiltrate data or deploy other malware.

The FBI says that Taidoor is usually deployed together with proxy servers, to hide the malware operator's true point of origin.

According to the announcement, this is a new malware strain; however, in a tweet the US government stated that the malware has been silently deployed on victims' networks for at least 12 years, since 2008.

The three agencies also published a joint malware analysis report, which contains suggested mitigation techniques and response actions for organizations that want to improve their detection, prevent infections, or have already been infected and need to remove the malware from their systems.

After the joint alert, Florian Roth, a malware analyst at Nextron Systems, said he had previously spotted samples of Taidoor, as of March 2019, but under the name Taurus RAT.

