Trojan.Spy.YEK Espionage Agent

BitDefender reports that Trojan.Spy.YEK has both spying and backdoor features, making it a very serious threat to businesses.  It sniffs for critical data and archives that may hold private information and sends them back to an attacker. 

With an encrypted dll in its overlay, this Trojan is easily saved into the windows\system32 directory (as netconf32.dll), and injects itself into explorer.exe.   The backdoor component registers as a listening service to receive and follow instructions from a command and control server, while the spyware component sends away target data, file, process and operating system information, and screenshots.

The Trojan appears to run equally well on all versions of Windows up to and including 7, and the fact that it targets private business data, seeking out all information linked to archives, e-mails, address books, databases and documents makes Trojan.Spy.YEK a prime agent of corporate espionage .

Advertisements