Tuesday, June 11, 2013
Backdoor Backdoor.Tranwos encrypts files
According to experts antivirus company Symantec, recently malware writers have begun to use an encrypted file system to hide the presence of the virus in the infected system.
One of the viruses that use encryption was Backdoor.Tranwos, which is capable of downloading an infected computer other malware.
According to the researchers, the virus getting into the victim's system creates a temporary directory, then activate EncryptFileW API. This allows him to encrypt all your files and folders. Such protection not only deprives the experts able to access to malicious files with other operating systems (eg, Linux), but also does not allow them to use specialized software to analyze their contents.
More notifying Symantec can be found here.