Bleeping Computer researchers spotted an information-stealing trojan, dubbed Shakti, that is designed for corporate espionage and may have originated in India.
Once infected, the malware will configure itself to start automatically on login by configuring an entry in the Windows Registry and will then inject itself into a running process such as a web browser process, according to an Aug. 12 blog post.
Shakti then scans a victim’s drive for files with specific extensions and, when detected, will upload the entire file to the Command & Control server. Based on targeted file types researchers believe the malware is looking to steal trade secrets and corporate data.
Researchers said Shakti is currently detected by 34 out of 55 security programs but said most misidentify the malware as a generic trojan or downloader, rather than as an information stealer.