IXESHE

By Sumo3000 in Malware | 16 views

IXESHE Description

ESG security researchers have observed a marked rise in highly targeted malware attacks on specific individuals, governments and organizations. While traditional malware attacks are designed to attack millions of computers, Advanced Persistent Threats are often highly targeted and are at times even state-sponsored or linked to specific groups looking to further their own agenda. A particularly persistent group of these kinds of attackers is known as IXESHE, after the detection name for the malware that they use. IXESHE has been known to target a German telecommunications company and governments located in Eastern Asia. Typically, an IXESHE attack will use malicious email messages that are tailored to the attacked group. These email messages will contain attached PDF files that take advantage of various exploits in order to install malicious executable files on the victim’s computer system. ESG security researchers have linked IXESHE attacks to two malicious email campaigns that took advantage of zero-day exploits in Adobe Systems software; one of these took place in 2009 and the other in 2011.

IXESHE and Command and Control Servers

IXESHE attacks will typically use command and control servers that may sometimes be hosted on the victim’s own networks. Through this method, the criminals behind IXESHE were at one time able to take over at least sixty servers for use as malware command and control servers. This approach also helps the criminals thwart PC security analysts, because their command and control servers are hosted inside the victim’s own networks. The attackers behind IXESHE are very adept at covering their tracks, and the source of the attacks is often quite difficult to detect.

Known Targets of IXESHE Attacks

IXESHE malware attacks are designed to spy on the infected computer system, gathering data without the victim’s knowledge. ESG security researchers have been able to determine three distinct victims for IXESHE attacks since 2009:

– An important telecommunications firm based in Germany
– Various electronics manufacturers located in Taiwan
– Governments of East Asian nations

Because IXESHE malware tends to remain hidden in order to gather data without being detected, it is probable that many victims are not aware that they have become infected. As soon as a probable victim is identified, PC security researchers will contact them to warn them of the fact. ESG security analysts suspect that IXESHE attacks have been active at least since July of 2009.

Type: Malware

This entry was last updated on 06/18/12 and posted on 06/18/12.

Copyright 2003-2012. Enigma Software Group USA, LLC. All Rights Reserved.