A new strain of malware was recently detected in a cloud-based file-sharing service, and its presence may herald a new and potentially dangerous security threat for Internet users in 2011.
The security firm Kaspersky Lab recently detected a piece of malware called "Trojan-Dropper.Win32.Drooptroop.jpa." The Trojan was found on Rapidshare (www.rapidshare.com), a popular cloud-based file-sharing and storage service. (Cloud computing is the process by which remote servers handle computer processing and data storage duties usually conducted by personal computers.)
The particular drooptroop variant (Kaspersky has identified more than 7,000) was first discovered around Christmas and titled "gift.exe." Once downloaded, the malicious "gift" can intercept browser functions, redirect user requests and allow an attacker to gain access to users' systems, explained Vicente Diaz, Kaspersky Lab researcher.
Drooptroop also automatically takes users to a rogue antivirus site that attempts to trick them into purchasing antivirus software they don’t need.
What’s worrisome to security analysts is that malware such as drooptroop does not appear in the body of the Rapidshare link, which means it can successfully evade capture by traditional security filters.
As more and more companies take to the cloud, security experts believe that cyberthieves will adapt to the changing landscape and continue to thrive.