Brand New Pandemiya Trojan Discovered in the Wild

Security giant RSA has announced that it has discovered a brand new trojan, dubbed Pandemiya, for sale on the underground markets.


Averaging around $1,500 to $2,000 per license (depending on the suite of features you choose), this India-based bug is actually relatively cheap in comparison to other popular solutions that have been available for a number of years, and could supposedly be twice as effective given how widespread it apparently is.

Most “new” trojans you find are actually based on older code, usually with a few retouched bits that change things like the attack vector, basic functionality, or the position of the backdoor that the hacker will later use to infiltrate the desktop or mobile device in question.

With 25,000 lines of fresh-off-the-presses programming, Pandemiya marks the first time researchers have seen a new trojan hit the market in at least a few months, if not quite a bit longer. This means it has a clear head start on the rest of the competition, and can offer hackers an undetectable method of intrusion that won’t pop up on any of the standard anti-virus testing platforms that so many consumers and enterprise customers have come to rely on as of late.

“Pandemiya is designed to enable a botmaster to spy on an infected computer – secretly stealing form data, login credentials and files from the victim, as well as taking snapshots of the victim’s computer screen. This malware also allows the injection of fake pages into an internet browser in an effort to gather additional sensitive information from the victims themselves.”

With trusted variants like the Zeus Trojan and CryptoLocker dominating the headlines lately, the researchers who discovered the bug were almost pleased to see that in a world of copycats, there are still hackers out there willing to put in the hard work to create something new that they can go up against.


Much like any superhero and arch nemesis share a mutual respect, and hatred, for the other’s abilities, Internet security firms have always tipped their hats in the direction of anyone who’s willing to take them on with an untested tool belt of goodies that neither has had the chance to play around with before.

“Like many of the other Trojans we’ve seen of late, Pandemiya includes protective measures to encrypt the communication with the control panel, and prevent detection by automated network analyzers. An interesting aspect of the application is its modular design, which makes it quite easy to expand and add functionality.

Pandemiya’s coding quality is quite interesting, and contrary to recent trends in malware development, it is not based on Zeus source code at all, unlike Citadel/Ice IX, etc.”

It’s this back and forth that keeps the fight fresh, and while RSA believes it shouldn’t take more than a couple of updates at the higher reaches of the software spectrum to squash the problem, it’s still refreshing to see a code monkey dedicate more than a year of his life to creating something that throws the security industry for a loop, and keeps the rest of us on our toes for whatever might be coming on the horizon next.