Pterodo trojan malware which is classified as “severe” threat by Microsoft, has a new strain.
An alert from the Ukrainian Computer Emergency Response Team (CERT-UA) on their Ukrainian language website states that along with External Intelligence Service of Ukraine, they have discovered a new modified Pterodo-type malware on computers of state authorities on Ukraine raising suspicions of state players.
As per the report by CERT-UA, the main difference between modifications from previous versions is the possibility of infecting the system through flash drives and other removable media, as well as infecting flash drives that connect to the affected machine for further distribution.
Furthermore, in this version, the attackers configured a targeted attack by assigning a serial number of the drive on which the system is installed and received information about the infected system. This allowed them to individually target which application to download and run.
In past, Pterodo class malwares was linked to Russia’s FSB, raising suspicions fromt he Ukrainian authories of possible involvement of Russian in this wave of attacks.