April 13, 2015 – US-CERT has issued an alert notifying the public of a new malware delivery system known as AAEH. The delivery system is a family of polymorphic downloaders created with the primary purpose of downloading other malware, including password stealers, rootkits, fake antivirus, and ransomware.
According to US-CERT, “AAEH is often propagated across networks, removable drives (USB/CD/DVD), and through ZIP and RAR archive files. Also known as VObfus, VBObfus, Beebone or Changeup, the polymorphic malware has the ability to change its form with every infection.
AAEH is a polymorphic downloader with more than 2 million unique samples. Once installed, it morphs every few hours and rapidly spreads across the network. AAEH has been used to download other malware families, such as Zeus, Cryptolocker, ZeroAccess, and Cutwail.”
The delivery system is capable of defeating anti-virus products by blocking connections to IP addresses associated with Internet security companies and by preventing anti-virus tools from running on infected machines.
Changing passwords if infected
Maintaining up-to-date software
Using and maintaining current anti-malware software
More information and a list of anti-virus solutions that can detect this can be found at the following site.