Did you know that some types of malware are more ‘intelligent’ than others? A recently discovered backdoor Trojan called ‘Dino’ uses some innovative techniques that set itself apart from other malware variants and poses a more significant threat that your ‘typical’ backdoor.
Aspects of Dino’s custom file system allow for stealthy command execution, masking its activity from many detection methods. In addition, Dino has some task scheduling functionality, similar to a cron job, allowing for “set it and forget it” campaigns.
Impact on you
- Having any type of backdoor Trojan on your environment puts you at significant risk of data exfiltration, misuse of your assets (botnet, hosting malicious content), or further compromise.
- Dino poses an even more serious threat due to its focus on stealth and autonomous maneuvers
- The search function allows attackers to find specific (usually sensitive) files very quickly and with precision not seen in previous malware variants
How AlienVault Helps
AlienVault Labs continues to perform cutting edge research on threats like these, collecting large amounts of data and then creating expert threat intelligence as a result.The Labs team has already released IDS signatures and a correlation rule to the AlienVault Unified Security Management (USM) platform so customers can detect activity from Animal Farm. Learn more about this threat intelligence update and others in our forum.
- System Compromise, Targeted Malware, Animal Farm group malware