Malware: Mokes

Kaspersky Lab first discovered a new piece of malware, dubbed Mokes, in January this year. The backdoor has variants across operating systems, including Windows, Linux and Mac OS X, and is written in C++ using Qt, a cross-platform application framework.

This backdoor specializes in capturing audio and video, logging keystrokes, taking a screenshot every 30 seconds, and monitoring removable storage such as USB drives on the victim's machine. It can also scan the system for files with the suffixes .docx, .doc, .xlsx and .xls. The backdoor talks to its command-and-control server over a channel encrypted with AES-256. It also copies itself to a handful of locations, including cache directories belonging to Skype, Dropbox, Google and Firefox.
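One defender-side check that follows from the persistence behaviour described above is to look for native executables dropped into application cache directories, which normally hold data rather than binaries. The script below is an added example, not code from the post or from Kaspersky; it assumes the operator supplies the actual Skype, Dropbox, Google and Firefox cache paths for the host, and it builds a constructed sample tree for the demonstration.

```python
import os
import tempfile

# File-header magic numbers for native executables on the platforms Mokes targets.
# Note: 0xCAFEBABE is shared by Mach-O fat binaries and Java class files, so treat
# that hit as a lead to inspect, not a verdict.
EXEC_MAGIC = {
    b"\x7fELF": "ELF (Linux)",
    b"MZ": "PE (Windows)",
    b"\xcf\xfa\xed\xfe": "Mach-O 64-bit (macOS)",
    b"\xce\xfa\xed\xfe": "Mach-O 32-bit (macOS)",
    b"\xca\xfe\xba\xbe": "Mach-O fat binary or Java class",
}


def executable_type(path):
    """Return the executable format name if the file starts with a known magic, else None."""
    try:
        with open(path, "rb") as fh:
            head = fh.read(4)
    except OSError:
        return None
    for magic, name in EXEC_MAGIC.items():
        if head.startswith(magic):
            return name
    return None


def find_executables_in_caches(cache_dirs):
    """Walk each cache directory (paths are assumed, supplied by the operator) and
    return a sorted list of (path, format) for every native executable found."""
    hits = []
    for base in cache_dirs:
        for root, _dirs, files in os.walk(base):
            for name in files:
                full = os.path.join(root, name)
                kind = executable_type(full)
                if kind:
                    hits.append((full, kind))
    return sorted(hits)


def demo():
    """Constructed sample: a fake cache tree holding benign image data and one dropped ELF."""
    tmp = tempfile.mkdtemp()
    cache = os.path.join(tmp, "Dropbox", "cache")
    os.makedirs(cache)
    with open(os.path.join(cache, "thumb.dat"), "wb") as fh:
        fh.write(b"\x89PNG\r\n\x1a\n")  # PNG header: expected content for a cache
    with open(os.path.join(cache, "update"), "wb") as fh:
        fh.write(b"\x7fELF\x02\x01\x01" + b"\x00" * 9)  # ELF header: unexpected here
    return [(os.path.relpath(p, tmp), k) for p, k in find_executables_in_caches([cache])]


if __name__ == "__main__":
    for path, kind in demo():
        print(f"{kind}: {path}")
```

On a real host, pass the per-user cache directories of the four applications to find_executables_in_caches and review any hit against the application's legitimate installer or update files.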

The infection vector and how widespread the malware is remain unknown at this point.
