A new variant of the Bublik Trojan has been detected with more complex features. Based on the analysis and findings, the variant uses spam and the Nuclear Exploit Kit as a method of distribution. Downloader Trojans like Bublik fill a critical role in the cybercrime marketplace by allowing malicious actors to create distributed malware installation infrastructures that can then be sold as a service to individuals involved in other cyber threat activity. While there are many similar types of malware in use today, Bublik is being used for malicious activity and appears to be under active development. As per security researchers, this Trojan is still under development and it is expected to grow in the future.
The information provided herein is on "as is" basis, without warranty of any kind.
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street