It is designed to capture network traffic and steal files. It's a rootkit made up of two files, a driver and an encrypted virtual file system. The rootkit is able to take control of an infected machine, execute arbitrary commands and hide system activities.
The malware communicates over a peer-to-peer network. Provided it can find one computer with internet access within a compromised network, it's capable of stealing data from other infected computers on the same network, even if they don't have access to the interwebs.
Similarities in techniques and technology point to links between Uroburos and a malware-based attack against the US around six years ago.
The link below has more details:
http://www.theregister.co.uk/2014/03/04/uroburos_spyware/
Here is the previous story, where it was claimed to be from the Russian government.
http://martin-news-bytes.blogspot.com/2014/03/20th-century-was-nuclear-threat-from.html