Her researchers Symantec they found one new edition of the Kovter trojan. The "mutant" version imitates it malware Poweliks and is able to roam your computer's registry without having to be stored on your hard drive.
Kovter, originally labeled 2013, has been one of the most modern malware. Since then, he has been constantly changing his MO, adapting accordingly to new hacking campaigns and security measures that have been put in place to stop him.
According to Symantec, from the 2.0.3 version Kovter malware, (this version first detected 2015 for the first time), malware began borrowing survival methods from Poweliks. So it can be hidden in the computer registry.
The Windows registry is a special feature, a database that contains user profile information, software and hardware settings that the Windows operating system uses on a regular basis.
By storing it in the registry, Kovter is well hidden in infected machines and serves as an entry point for other more serious infections.
Η Symantec αναφέρει ότι οι επιτιθέμενοι διανέμουν αυτή τη νέα έκδοση του Κovter κυρίως μέσω συνημμένων αρχείων που διακινούν με spam e-mail.
Symantec also reports that malware has infected users in the United States (56%), the United Kingdom (13%), Germany (8%), and Australia (2%).
"Kovter malware has been constantly evolving since it was first discovered and shows no signs of leaving the landscape very soon."
Symantec researchers say.
However, Symantec has developed and distributes a Trojan.Kotver Removal Tool free of charge.
You can download it from the link below.