The Computer Emergency Response Team of Ukraine (CERT-UA) and the External Intelligence Service of Ukraine have detected new modifications of a Pterodo-type malware on computers of Ukrainian government offices, which can be a sign that a cyber attack is being prepared.
This virus collects data about the system, regularly sends it to command-and-control servers and waits for further commands, the CERT-UA press service said.
This modification is different from other versions because it can infect the system through flash memory sticks and other data carriers. It can also infect a flash data carrier plugged into an infected computer.
This modification is different from other versions because it displays a message during the activation of a file which makes it look less probable that a malware is being installed.
"The style of this malware is typical of targeted APT attacks and may indicate preparations for a targeted cyber attack on computer systems in Ukraine. The Pterodo backdoor enables discreet access to computer systems for use or control in the future, which can lead to information leaks, blocking of work, data encryption or other malicious actions," CERT-UA said.