Scroll Top

New Polymorphic Malware Delivery System Identified: AAEH

April 13, 2015 – US-CERT has issued an alert notifying the public to be aware of new malware delivery system known as AAEH.  The delivery system is a family of polymorphic down-loaders created with the primary purpose of downloading other malware, including password stealers, root-kits, fake antivirus, and ransom-ware. virus2

According to US-CERT, “AAEH is often propagated across networks, removable drives (USB/CD/DVD), and through ZIP and RAR archive files. Also known as VObfus, VBObfus, Beebone or Changeup, the polymorphic malware has the ability to change its form with every infection.

AAEH is a polymorphic downloader with more than 2 million unique samples. Once installed, it morphs every few hours and rapidly spreads across the network.  AAEH has been used to download other malware families, such as Zeus, Cryptolocker, ZeroAccess, and Cutwail.”

The delivery system is capable of defeating anti-virus products by blocking connections to IP addresses associated with Internet security companies and by preventing anti-virus tools from running on infected machines.

Solutions include:

Changing Passwords if infected

Maintaining Up to Date software

Use and Maintain Current Anti-Malware Software

More information and a list of Anti-Virus Solutions that can detect this can be found at the following site.

Privacy Preferences
When you visit our website, it may store information through your browser from specific services, usually in form of cookies. Here you can change your privacy preferences. Please note that blocking some types of cookies may impact your experience on our website and the services we offer.