![]() ![]() One of the programs, a plugin for the Microsoft Office applications Word, Excel and PowerPoint, then installed itself within the Windows Registry, ensuring that it was loaded every time an Office application is run. It is unclear how the malware, which was specifically programmed to avoid detection by security software and analysts, was initially spread.Ī “dropper” program named “INPEnhSetup.exe” posed as a Windows installer, which once activated contacted a server across the internet – a domain owned and operated by Xunlei - and “dropped” or installed three further malicious programs onto the system. Parts of the complete file can be hosted on many different computers, and the whole reconstructed by pulling the parts from different machines. ![]() ![]() The BitTorrent protocol breaks each file to be shared into small chunks and sends them across the internet between computers. The Xunlei software is very popular in China and has about 30% of world BitTorrent users, making it the most used BitTorrent client for the service, which allows peer-to-peer file sharing. The degree to which Xunlei Networking Technologies is implicated is hard to tell from the outside,” said Joan Calvet from Eset in a blog post. “The company officially admitted during a press conference that some of its employees have used company resources to create and distribute this program. The malware is classed as a Trojan, and only affected Chinese users, according to Eset. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |