Limbo 2


Hi Stu

Information on this trojan is very vague to say the least and we've yet to confirm its existence. It certainly doesn't seem to be in the wild at the moment. From the information which is available it sounds very similar to Trojan.Silentbanker. Until we can get a sample we can't confirm what techniques are being used to evade detection. Most threats out there today use some technique to evade detection, e.g. packers, rootkits, encryption etc. Depending on the sophistication of the techniques being used, they may slow us down slightly but we've yet to come across something which is "undetectable". While there may be "infinite" variants, we will always attempt to create a broad detection which will catch all variants. Also, these days we're not solely reliant on traditional signatures to prevent infections. Features like Browser Protection, IPS and Proactive Threat Protection make it harder for these threats to get onto users' machines in the first place.

Nevertheless we're attempting to track down a copy of this kit and once we do we'll be sure to get detection out as quickly as we can.

Orla

Symantec Security Response

Thank you, Orla.

Good to see you are working with it.