Wednesday, 1 May 2013

Travnet, a new Trojan designed to steal files in compressed data

When reading news of SC Magazine dated on 26 April 2013, I was surprised that there is a new trojan, Travnet found by McAfee Labs with unique style. The trojan steals many files in various formats, and then the files are sent to a remote server in a compressed data chunks of 1,024 bytes. It is very small file through the protocol of http.
In my point of view, in the last several years, there is a change of cyber attack which frequently uses trojan as  a useful tool to attack targets. With trojan, the attackers can do many things from DDoS to stealing confidential data on target, even it can be designed to destroy system on targets, like Stuxnet and Flames. Such trojans are also used by criminals to attack banks and finance institution. There has been many cases due to trojan attacks. Officers of banks, governments, law enforcements and so on must be aware on this type of cyber attack. They should have steps to minimize the risks caused by this attack, and steps to prevent and avoid such attacks.

SC Magazine:
A new trojan capable of compressing stolen data and uploading document files to remote servers is being used in a targeted operation, researchers have found.
Upon infecting a machine, the malware, dubbed “Travnet,” gathers victims' information – such as their computer name, IP address, IP configuration details and a list of running processes – to communicate the information to a command-and-control server.
From there, botnet operators can determine the value of information on the compromised machines at their disposal, while sending further instructions, McAfee Labs researchers discovered.

For further info, please go the link below:

No comments:

Post a Comment