Linux trojan makes screenshots and records audio

Jan

20

2016

Researchers from the Russian anti-virus company Doctor Web discovered a Trojan for Linux that takes periodic screenshots and downloads files from an infected machine. The Trojan can record audio from a connected microphone.

The anti-virus company called the trojan Ekoms. The malware makes every thirty seconds a screenshot and saves it in jpeg format in a temporary directory. If the file is not saved, the Trojan attempts to save the file in bmp. This temporary directory is then uploaded to a remote server through a secure connection. The Trojan also looks for certain files in the home directory. Who do not find it, choose the trojan itself a subdirectory to save himself.

Besides the ability to take screenshots, there’s also code in the Trojan to record sound and store it as .aat file in wav format. According to Doctor Web this is nowhere else used.

The malware searches for the file “$ HOME / .local / share / .mozilla / firefox / profiled” and “$ HOME / .local / share / .dropbox / DropboxCache”. If any of those files is not found, the trojan makes them himself. How the Trojan spreads and how many systems there or with malware, the antivirus company said no.

Viewing:-118

Tags:

In: Technology & Gadgets Asked By: [15229 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »