Your one-stop web resource providing safety and security information to manufacturers

There is now a Trojan that relies on a mouse hooking function to evade sandbox environments.

Attackers understand automated analysis systems don’t use the mouse, so they developed their Trojan so they come into play only when the system detects mouse movement.

Malware Poses as Trend Micro AV
Backdoor Found at NDIS Level
Necurs Malware Growing
Chrome Wards Off BlackHole

Upclicker’s malicious code executes only after the user clicks the left mouse button and releases it, said researchers at security firm FireEye.

Upclicker establishes malicious communication only when the user performs this particular action.

Schneider Bold

A couple of months ago, experts from Symantec identified a similar Trojan which relied on mouse actions to determine whether or not it was being monitored by security experts.

Pin It on Pinterest

Share This