Duuzer Trojan: A New Backdoor Targeting South Korean Organizations
Oct 27, 2015
Security researchers at Symantec have uncovered a new Backdoor Trojan that grants hackers remote access and some control over infected machines. " Duuzer ," as dubbed by the researchers, has been targeting organizations in South Korea and elsewhere in an attempt to steal valuable information. The Trojan is designed to infect both 32-bit and 64-bit computers running Windows 7, Windows Vista, and Windows XP. Duuzer gives attackers remote access to the compromised computer, allowing them to: Collect system and drive information Create, enumerate, and end processes Access, modify and delete files Upload and Download additional files Change the time attributes of files Execute malicious commands Steal data from infected system Know about victim's Operating System Duuzer Infects via Spear Phishing or Watering Hole Attacks It is currently unclear how the malware is being distributed, but according to Symantec Researchers, the most obvious routes ar