South Korean organizations are being targeted in attacks with a new stealthy backdoor program that gives attackers full access to infected computers.
The malware has been dubbed Duuzer and while it's not exclusively used against targets in South Korea, it does seem that the hacker group behind it have a preference for that country's manufacturing industry, according to security firm Symantec.
Duuzer was designed to work on both 32-bit and 64-bit Windows versions and opens a back door through which attackers can gather system information; create, list and kill processes; access, modify and delete files; execute commands and more.
(Score: 1, Insightful) by Anonymous Coward on Saturday October 31 2015, @06:39PM
A lot of windows malware is running entirely ring3, that's enough for basic keylogging, stealth and phoning home. In linux you could target the various user writeable init scripts and config files for much the same effect, if the attacker is after banking details ring3/userland is all they'll ever need anyway.