Sensode
Sensode, also aliased as ZXShell, is a backdoor Trojan and RAT that lets third parties take control of your PC through a remote server. Although Sensode sees significant use by Axiom, a Chinese hacking organization, Sensode also has been used in other contexts, and by other third parties, for the past decade. Sensode infections coincide with third parties having virtually complete access to the PC and everything stored on it, as well as to any PCs linked by local networks. As a result, malware experts can't recommend any response to this threat other than deleting Sensode with the best anti-malware tools at hand.
A Trojan Still Kicking after Ten Years of Crime
Ordinarily, Trojans are meant for professional espionage undergo very dynamically, but brief lifespans, as they're replaced by new, upgraded threats. Sensode defied this trend in the threat black market and was identifiable in 2004, with its latest versions still in use as of 2014. Modern Sensode campaigns may be associated with Axiom, a group of third parties accused of being tied to the Chinese government. Axiom's choices in targets may be hyper-specialized, as are the campaigns for installing Sensode and other Trojans, such as Derusbi.
While obvious symptoms of Sensode attacks are relatively unheard of, low visibility, unfortunately, doesn't correspond to trivial damages. As of malware experts' last analyses of Sensode, this Trojan may aid in the following attacks, among others:
- Sensode may make drastic modifications to Windows accounts, including deleting users, adding new ones or changing their passwords.
- Sensode may close the processes of other programs, such as anti-virus scanners.
- Sensode may provide a root shell interface for third parties to issue command-line instructions.
- Along with all these features dedicated to control and anti-security, Sensode also may have some features specialized for theft of data. Screen captures and keylogging (recording your keyboard) are two of the most noteworthy of these functions.
Bringing a Halt to a Long-Running Crime Spree
Sensode may have attacks that let third parties control your PC as if it were theirs, but Sensode still requires traditional distribution models to infect your computer at all. Because of Sensode's recent links with Axiom, malware experts might especially advise likely victims to watch for unusual e-mail messages including file attachments. These vulnerability-carrying files may be Trojan droppers that install Sensode, Naid, Kaba and other Axiom Trojans. However, Sensode is not necessarily the only Trojan that may be install in such an attack, which may use multiple threats in tight coordination.
Setting up regular anti-malware scans will offer your PC a good level of default protection that can help you remove Sensode as soon as possible. If you can confirm a Sensode infection, you also should attend to closing off Sensode's potential network access, through which Sensode could compromise other Windows systems with little effort. Non-Windows machines have yet to be targets of Sensode, but, considering the organization of some of its external clients, other OSes hardly are immune to similar attacks.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.