JMH
Emeritus, Contributor
The IXESHE malware has been around since 2009, and so far has hit organizations in Asia, according to Trend Micro.
Somewhat lost in the blizzard of coverage this week of the Flame malware that set upon Iranian computers was another cyber-weapon uncovered by Trend Micro that has hit businesses and government agencies in Asia, and a German telecommunications company in the region.
Dubbed IXESHE, the difficult-to-detect malware has been around since at least 2009, and gets into the network through a malicious PDF attached to emails that are sent from fake or compromised accounts. Once opened, the malware enables the attackers to easily gain and maintain control of the user’s system to do everything from terminate or start processes and services, download and upload files, and get victims’ user names to download and execute arbitrary files, get the system’s name and domain name, and spawn a remote shell, according to Trend Micro’s report, released May 30.
http://www.eweek.com/c/a/Security/IXESHE-is-Dangerous-HardtoDetect-Malware-Trend-Micro-Says-895777/