Security experts from Trend Micro firm detected malware that uses online-service Evernote as C&C server.
The virus is a backdoor used by cybercriminals in order to execute commands on infected machines. The researchers stated that malware also uses Evernote as a drop-off point for hijacked data.
Nikko Tamana, a Trend Micro threat response engineer, claimed that hackers design malware to abuse legitimate services to make it more difficult to trace.
The malware identified as “BKDR_VERNOT.A,”" tries to obtain instructions from a note in an Evernote account. According to Trend Micro experts, the login credentials within the malware did not appear to work when Trend Micro was testing it.
The researchers said that after being installed, BKDR_VERNOT.A can perform several backdoor commands. For instance, downloading, executing, and renaming files. After that malware gathers information from the infected system, including details about the OS, time zone, user name, computer name, registered owner and even organization.
“To avoid this threat, you must always be cautious with visiting unknown websites and opening email messages. Trend Micro Smart Protection Network detects both the malware cited in this blog entry,” concluded Tamana.