Alureon, the notorious rootkit known for its aggressive infection behaviour and its stubborn persistence on a system after installation, is causing real trouble for its victims. It is also a challenge for security researchers, who have to detect new versions and unravel its new tricks and methods. In its latest threat to computer systems, Alureon is using steganography, a mechanism for concealing configuration files, so that infected systems can be updated with fresh commands. Threatpost.com published this on September 26, 2011.
Reportedly, Alureon uses steganography in one particular version, which a Trojan commonly downloads and then installs on the victim's system. This version performs one new task: downloading a module named "com32" from a remote website. When decrypted, the module yields several URLs hosted on the free blogging sites WordPress and LiveJournal.
Researchers at Microsoft closely studied the code responsible for retrieving those web pages and found that it performs basic parsing of the HTML, looking for particular IMG tags.
...