Trojan.Spy.YEK, the corporate spying tool
1 December 2010
IT in Manufacturing
A spying Trojan that looks for documents and archives that may hold private information and sends them back to the attacker.
The Stuxnet troubles are far from being forgotten, and any sign of outside intrusion continues to be extremely sensitive news. These days, business is hard as it is, but when some e-threat comes along and sniffs for critical data, things could not get worse. Spying malware in a company's local network means DANGER, and unfortunately the number of such threats is constantly increasing.
Trojan.Spy.YEK, which has both spying and backdoor features, is a serious enemy. With an encrypted DLL in its overlay, this Trojan is easily saved as windows\system32\netconf32.dll, and once it is injected into explorer.exe nothing can stop it from connecting (whenever necessary) to a couple of meeting spots with the attacker.
The backdoor component helps it register itself as a service so that it can receive and follow instructions from a command and control center, while the spyware component sends out data about files and the operating system and takes screenshots of the ongoing processes.
Some of the commands it is supposed to execute are: sending the collected files using a GET request, sending information about the operating system and computer, taking screenshots and sending the results, listing the processes that run on the system and sending the list, and finding files with a certain extension. In short, it uploads all the interesting data to an FTP server without the user's consent.
The fact that it looks for everything linked to archives, e-mails (.eml, .dbx), address books (.wab), databases and documents (.doc, .odt, .pdf etc.) makes Trojan.Spy.YEK a prime suspect in corporate espionage, as it seems to target companies' private data.
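The dropped DLL path, the explorer.exe host process and the FTP upload described above can be combined into a simple triage check over endpoint telemetry. This is an added example, not BitDefender's code: the event schema, host names and sample events are constructed, and it assumes the FTP server is reached on the default control port 21.

```python
import ntpath

# Indicators taken from the article; everything else here is an assumption.
DLL_NAME = "netconf32.dll"
DLL_DIR = r"windows\system32"
HOST_PROCESS = "explorer.exe"
FTP_PORT = 21  # assumption: default FTP control port

# Constructed sample events (hypothetical schema: host, kind, process, path/port).
SAMPLE_EVENTS = [
    {"host": "ws-01", "kind": "file_create", "process": "setup.exe",
     "path": r"C:\WINDOWS\system32\netconf32.dll"},
    {"host": "ws-01", "kind": "image_load", "process": "explorer.exe",
     "path": r"C:\WINDOWS\system32\netconf32.dll"},
    {"host": "ws-01", "kind": "net_connect", "process": "explorer.exe",
     "dest_port": 21},
    {"host": "ws-02", "kind": "net_connect", "process": "filezilla.exe",
     "dest_port": 21},  # ordinary FTP client: not a finding
    {"host": "ws-03", "kind": "file_create", "process": "msiexec.exe",
     "path": r"C:\Program Files\App\netconf32.dll"},  # same name, other folder
]

def is_dropped_dll(path):
    """True for <drive>:\\windows\\system32\\netconf32.dll, case-insensitively."""
    folder, name = ntpath.split(ntpath.normcase(path))
    return name == DLL_NAME and folder.endswith(DLL_DIR)

def triage(events):
    """Return {host: sorted findings} for the behaviours the article lists."""
    findings = {}
    for ev in events:
        proc = ev.get("process", "").lower()
        hit = None
        if ev["kind"] == "file_create" and is_dropped_dll(ev.get("path", "")):
            hit = "dll_dropped"
        elif (ev["kind"] == "image_load" and proc == HOST_PROCESS
              and is_dropped_dll(ev.get("path", ""))):
            hit = "dll_loaded_in_explorer"
        elif (ev["kind"] == "net_connect" and proc == HOST_PROCESS
              and ev.get("dest_port") == FTP_PORT):
            hit = "explorer_ftp_connection"
        if hit:
            findings.setdefault(ev["host"], set()).add(hit)
    return {host: sorted(hits) for host, hits in findings.items()}

if __name__ == "__main__":
    for host, hits in triage(SAMPLE_EVENTS).items():
        print(host, hits)
```

A host that shows all three findings matches the full chain the article describes; a single finding, such as the file name alone, is only a lead for further checking.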
On top of that, the Trojan can run without problems on all versions of Windows from Windows 95 to Windows 7. If you have not done so already, this is a good time to try an antivirus.
Information in this article is available courtesy of BitDefender Malware Researchers Doina Cosovan and Octavian Minea.
For more information contact Alina Anton, BitDefender, +40 212 063 470, [email protected], www.bitdefender.com