Blog | G5 Cyber Security

New Trojan Disguised as Windows IME

A new attack technique in use right now enables attackers to inject Trojan code onto victims machines by disguising it as a Windows input method editor (IME) The payload in the new attack is a Trojan. Trojan, when run on a victim s machine, creates a new file in the System folder, named winnea.ime, according to an analysis by Websense researchers. Trojan then disables any antimalware software present and attempts to delete the executable files associated with the product.

Source: https://threatpost.com/new-trojan-disguised-windows-ime-070610/74175/

Exit mobile version