VERY IMPORTANT

There is a new malware called Rurktar[2]. It’s a trojan spy which is installed as service called RCSU. The service connects back to the attacker machine and waits for commands which will be given by the attacker. The file size of the malware is mostly around ~50Kb, as you can see from the list of sample hashes at the end of this report. Currently, the trojan spy is still in development and is not spotted in-the-wild yet. This could change once the trojan spy has fully developed.