Most malware analysis these days targets Windows machines. However, trojans are becoming more interesting. Hackers create these trojans, and want to get backdoor access to any machine.
Trojan malware has stepped up its game. Hackers want more access, so trojans are being created to target multiple platforms. Imagine the payload of a trojan being targeted to Windows, Mac, and Linux.
This follows recent discoveries of this multi-platform malware on a Colombian Transport site. A JAR (Java archive) is used to detect what OS the user is running, and then the trojan is sent to infect the specific OS. And of course, this is all too similar to the Boonana Worm. Or how about the first cross-platform worm: Badbunny. Yeah, not so dumb now.
Keep an eye out or ear open for the latest in multi-platform malware. Predictions show that this will be an ongoing problem. Good thing we’ve nipped it in the bud. But, of course, studying all of the latest new threats is a key target here at seCURE Connexion.
One of the main things we look for in malware now has to do with whether or not it is multi-platform. If it has different inferences for different platforms, we want to discover it.
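A static triage check for that multi-platform trait, added here as an example and not taken from the original post or from any sample it mentions. It assumes the JAR reads Java's `os.name` property to choose a platform and carries native payloads inside the archive (a sample could fetch them instead); `triage_jar`, `build_sample_jar` and the sample entries are hypothetical and constructed.

```python
import io
import zipfile

# Leading magic bytes of native executables, by platform. Mach-O "fat"
# binaries (0xCAFEBABE) are left out: Java class files share that magic.
NATIVE_MAGIC = {
    "windows": (b"MZ",),
    "linux": (b"\x7fELF",),
    "macos": (b"\xfe\xed\xfa\xce", b"\xfe\xed\xfa\xcf",
              b"\xce\xfa\xed\xfe", b"\xcf\xfa\xed\xfe"),
}
CLASS_MAGIC = b"\xca\xfe\xba\xbe"


def triage_jar(jar_bytes):
    """Report classes that read os.name and embedded natives per platform."""
    os_checks, natives = [], {}
    with zipfile.ZipFile(io.BytesIO(jar_bytes)) as jar:
        for info in jar.infolist():
            data = jar.read(info)
            # Content is identified by magic bytes, never by file extension.
            if data.startswith(CLASS_MAGIC):
                # Constant-pool strings sit as plain bytes in a class file.
                if b"os.name" in data:
                    os_checks.append(info.filename)
                continue
            for platform, magics in NATIVE_MAGIC.items():
                if data.startswith(magics):
                    natives.setdefault(platform, []).append(info.filename)
    # Flag only the combination: an OS check plus payloads for 2+ platforms.
    multi = bool(os_checks) and len(natives) >= 2
    return {"os_checks": os_checks, "natives": natives, "multi_platform": multi}


def build_sample_jar(entries):
    """Build a constructed, inert JAR in memory from {name: bytes}."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as jar:
        for name, data in entries.items():
            jar.writestr(name, data)
    return buf.getvalue()


# Constructed sample: magic bytes plus zero padding, nothing executable.
SAMPLE = build_sample_jar({
    "Loader.class": CLASS_MAGIC + b"\x00\x00\x00\x32\x00\x02\x01\x00\x07os.name",
    "res/a.dat": b"MZ" + b"\x00" * 62,
    "res/b.dat": b"\x7fELF" + b"\x00" * 60,
    "res/c.dat": b"\xcf\xfa\xed\xfe" + b"\x00" * 28,
})
```

A hit is a reason to pull the archive for closer analysis, not a verdict: legitimate Java libraries that ship native code for several platforms match the same pattern.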
Also keep in mind that this is a way to exploit Java: using it to gain temporary access to the operating system in question, and then gaining permanent access afterward by infecting the system. It’s an exploit-in-depth process to make sure each exploit is targeted at the said platform.
Web-based malware is also increasing, and languages like Ruby, Java, and Flash are all at risk. Since they are web-based languages, they need to be watched for vulnerabilities much more closely than basic software languages, such as C++, C#, Delphi, etc.
What is even more interesting are the factors it uses to infect the system. Exploit traps work best when they evade antivirus programs, know what platform they will be working on, and the vulnerability needed to conduct the exploit exists. This is what we call “exploit-in-depth” (EID).
How can we counter this EID? By conducting defense-in-depth control over our computers. No matter the type of OS you have, the danger of malware will lurk around.