Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Kovter malware now lives solely in the Windows registry

Kovter malware now lives solely in the Windows registry

2015/09/25

Softpedia - (International) Security researchers from Symantec discovered a new version of the Kovter trojan that reportedly mimics the Poweliks malware's survival methods, including the ability to hide its code in the Microsoft Windows registry, ensuring persistence and serving as an entry point for other malware. The Kovter trojan focuses primarily on click-fraud, and 56 percent of all infections have targeted U.S. users.

Source: http://news.softpedia.com/news/kovter-malware-now-lives-solely-in-your-computer-s-registry-492722.shtml

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:25:21