Limbo 2 Trojan defeats Symantec, McAfee

You must have seen a lot of posts about different Trojans that claim to defeat AV solutions. Most of these so-called stealth Trojans get detected by commercial AV solutions like Symantec and McAfee. In fact, these trojans do manage to evade AV solutions, but only those which are freely available. This time underground trojan writers have come up with a deadly and lethal Trojan, Limbo 2, which claims to evade the top 10 antivirus solutions, a claim confirmed by some AV solution providers.

According to Prevx, an internet security company from England that analyzed this Trojan (it got a sample from an underground Russian forum), Limbo 2 is the most sought-after trojan in the underground community and is making big bucks, selling for almost $1300 per user license.
Yes, trojan writers too are protecting their intellectual property with end user licensing schemes.
Jacques Erasmus, director of malware research at Prevx, comments: “This is a very organized and cataloged Trojan”.
Limbo 2 has its own crypto engine that morphs the shell and changes it frequently to avoid detection by installed AV solutions. This trojan specialises in stealing the online banking details of netbanking users.
The trojan is so intelligent that it can hijack the online banking session and modify the banking site on the fly, adding custom fields to the web pages to get the required information from the victim.
Antivirus solution providers have yet to confirm this, but are sure they will provide a solution as soon as they get a sample of the trojan to analyse.
As the trojan has its own crypto engine, it will be fun to see how behaviour-based detection technologies and heuristic techniques detect it.
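
The on-the-fly page modification described above leaves a trace a defender can check for: the page rendered in the victim's browser contains form fields that the bank never served. The following is an added example, not code from Prevx or from the original post; it compares a known-good copy of a login page with a DOM snapshot taken from a suspect machine and lists the extra fields. The HTML samples and field names are constructed for illustration.

```python
from html.parser import HTMLParser

class FormFieldCollector(HTMLParser):
    """Collect (form, field name, field type) for every input-like element."""
    FIELD_TAGS = {"input", "select", "textarea"}

    def __init__(self):
        super().__init__()
        self.current_form = None
        self.fields = set()

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            # Identify the form by id, then name, then action.
            self.current_form = (a.get("id") or a.get("name")
                                 or a.get("action") or "(anonymous)")
        elif tag in self.FIELD_TAGS:
            ftype = (a.get("type") or "text").lower() if tag == "input" else tag
            name = a.get("name") or a.get("id") or "(unnamed)"
            self.fields.add((self.current_form or "(no form)", name, ftype))

    def handle_endtag(self, tag):
        if tag == "form":
            self.current_form = None

def form_fields(html):
    """Return the set of form fields found in an HTML document."""
    collector = FormFieldCollector()
    collector.feed(html)
    collector.close()
    return collector.fields

def injected_fields(baseline_html, observed_html):
    """Fields present in the observed page but absent from the known-good one."""
    return sorted(form_fields(observed_html) - form_fields(baseline_html))

# Constructed sample: the page as served by the bank.
BASELINE = """<form id="login" action="/auth">
<input name="user" type="text"><input name="pass" type="password">
<input name="go" type="submit"></form>"""

# Constructed sample: DOM snapshot from a suspect host, with two extra fields.
OBSERVED = """<form id="login" action="/auth">
<input name="user" type="text"><input name="pass" type="password">
<input name="atm_pin" type="password"><input name="mother_maiden" type="text">
<input name="go" type="submit"></form>"""

if __name__ == "__main__":
    for form, name, ftype in injected_fields(BASELINE, OBSERVED):
        print(f"unexpected field in form '{form}': {name} ({ftype})")
```

Because the check looks at what the page asks the user for rather than at the trojan's binary, it is unaffected by how often the crypto engine re-encrypts the shell.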
