By GoldSparrow in Backdoors

Skun is a name that security analysts use when talking about a backdoor Trojan. The Skun Backdoor Trojan is a program that can be used to gain access to your PC without your notice. Versions of Skun are created by hackers around the world independently. The most common distribution technique used by threat creators is to employ spam bots and social engineering. Everyday computer users are likely to encounter the Skun Trojan provided as a ZIP file attached to spam email related to events promoted on social media like Twitter and Facebook. Most samples of spam mail loaded with Skun are tailored to include logos from trusted companies and a short invitation to download the attached file for more information on the subject. Less vigilant users might be curious enough to open the corrupted ZIP file and consequently, install the Skun Backdoor Trojan on their PCs.

When it comes to functionality, Skun appears to be a comparatively standard backdoor Trojan. We can classify the Skun Trojan among similar threats like Sisbot and ADDNEW. Security analysts note that Skun might use invalid and outdated digital certificates to bypass detection by Windows and initial runtime analysis by security scanners. Samples of Skun reveal that it will host its primary executable in the Windows directory in most cases. Researchers note that Skun can make alterations to the system Registry and gain a reboot persistence. The Skun Trojan is programmed to register itself as a service and run with Windows. That way it can survive a restart and allow a remote attacker to log into your PC remotely as long as the computer is turned on. Moreover, Skun can install hooks to the Windows kernel and track your keyboard and mouse input. An unusual trait of Skun is that it can change the Script.ini file utilized by the mIRC Internet Relay Chat Client, which allows an attacker to preview a copy of your conversation on the network. Computer users may not recognize the suspicious files used by Skun and need to use a reliable anti-spyware instrument to remove the threat. AV vendors may mark files related to Skun by using the following tags:

  • W32/Skun.A!tr.bdr
  • Backdoor.Win32.Skun.a
  • Backdoor.Win32.Skun!IK
  • Artemis!887A6859C3AB
  • Backdoor.Skun!7SbYJQK0TA4
  • Backdoor.Skun!7SbYJQK0TA4
  • BackDoor.Generic13.BDMK

Related Posts


Most Viewed