Feeds

Your mouse may actually be a RAT in disguise

Plague-bearing horrors mask themselves as rodent chum

Secure remote control for conventional and virtual desktops

Security researchers have discovered a Trojan that attaches its malicious code to routines normally used only to control the inputs from mouse clicks.

The tactic is designed to smuggle malicious code past automated threat analysis systems. During such procedures there's no user input and certainly no mouse moving and clicking. The malicious code is designed to remain inactive unless the mouse itself is in use, giving a fair chance that the RAT (remote access Trojan) will remain undetected.

The growing volume of malware means automated threat analysis systems are increasingly important. Only the more unusual analysis work gets passed on to human analysts. Even if the mouse-attached RAT gets caught out at this stage it still gains extra longevity. The development means that anti-virus firms will probably need to include a virtual mouse clicker and nudger in their automated analysis routines.

The sneaky mouse-hogging malware was detected by security researchers at Symantec. The security giant has also come across strains of malware that use "sleep mode" to evade dynamic analysis systems.

A detailed write-up of both (unnamed) threats can be found in a blog post here. ®

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
Webcam hacker pervs in MASS HOME INVASION
You thought you were all alone? Nope – change your password, says ICO
You really need to do some tech support for Aunty Agnes
Free anti-virus software, expires, stops updating and p0wns the world
Meet OneRNG: a fully-open entropy generator for a paranoid age
Kiwis to seek random investors for crowd-funded randomiser
USB coding anarchy: Consider all sticks licked
Thumb drive design ruled by almighty buck
Attack reveals 81 percent of Tor users but admins call for calm
Cisco Netflow a handy tool for cheapskate attackers
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
prev story

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Website security in corporate America
Find out how you rank among other IT managers testing your website's vulnerabilities.
Top 5 reasons to deploy VMware with Tegile
Data demand and the rise of virtualization is challenging IT teams to deliver storage performance, scalability and capacity that can keep up, while maximizing efficiency.