Researcher claims to have found rare new Trojan
Newcomer Pandemiya running off original code base, says RSA security specialist
A cyber researcher claims to have found an entirely new Trojan that can steal Web form data and create fake webpages, the Register reported.
Pandemiya is available with basic functionality for $1,500, but a $2,000 version via DLL plug-in allows greater functionality, according to RSA's Eli Marcus, who discovered the malware. A new module is reportedly in development that will be uniquely designed for deployment against Facebook users.
New Trojans are normally based on existing, tried-and-tested malware codebases, but Marcus said Pandemiya was built from about 25,000 lines of fresh code.
Like its fellow Trojans, Pandemiya spreads through widely available exploit kits that target security holes in popular software, such as Oracle's Java platform and Adobe products such as Flash Media Player.
But Pandemiya is extremely resistant to analysis, using dynamic encrypted communications and other methods to evade isolation by cyber security researchers. Marcus believes the malware could become more popular among online hoodlums.
"The advent of a freshly coded new trojan malware application is not too common in the underground," he wrote, but Pandemiya could be "more pervasive in the near future".