Posts Tagged ‘Trojans’

AV developers report a surge in activity of file-encrypting Trojans

Dr. Web has warned of a growing number of users affected by file-encrypting Trojans. The most widespread of these malicious programs is Trojan.Encoder.94. Trojan.Encoder.225 is also very common: recently alone, more than 160 people have contacted Dr. Web's anti-virus department for help restoring files affected by this Trojan.

The Trojan.Encoder family consists of malicious programs that encrypt files on the computer's hard disk and demand money for their decryption. After encrypting the files, Trojans of the Trojan.Encoder family may, depending on the version, place text files on the disk with information on recovering the data, or change the desktop background to an image showing instructions. The amount demanded by the attackers can vary from a few dozen to several thousand dollars. (more…)

Experts believe that this type of Trojan is used to steal information from servers.

Researchers at Symantec, a developer of information security and antivirus software, say that many U.S. financial institutions are losing information to the Stabuniq virus. The virus was detected on mail servers, proxy servers and gateways owned by various financial institutions, including banks and credit unions.

According to information on Symantec's official website, nearly half of the unique IP addresses where Trojan.Stabuniq was found belong to home users, 11% to companies engaged in online security, and 39% to U.S. financial institutions.

According to specialists, Stabuniq has infected fewer computers over its existence than other Trojans. This statistic shows that the authors of the virus are using it for targeted attacks on specific categories of users and organizations. Most of the IP addresses of infected computers are in the eastern United States. (more…)

Malicious programs of the extortionist class keep finding new ways to scare the user more effectively.

The purpose of the extortion is to force the victim to voluntarily transfer money to the extortionists' account.

The so-called ‘police extortionists’ scare the user in the name of law enforcement agencies, the police or the FBI: the computer is locked, and the user is offered the chance to voluntarily pay a fine for the offense. Violations can be found on any computer: files and videos with pornography, counterfeit movies and music, unlicensed software, and more.

Recent reports covered Trojan.Gapz.1, which blocks the system; Trojan.Winlock.7384 scares victims with pictures from the webcam. It shows the victim's face directly in the window demanding payment, as a means of psychological pressure.

A new variant of the Reveton Trojan (TROJ_REVETON.HM) goes even further in its degree of emotional impact. It has a built-in capability to play audio files. After the computer is locked or the files are encrypted, it reads out a prepared text. Users in Germany or the United States do not even need a translator, because the program loads a suitable sound file from a remote server, depending on the victim's country of residence. (more…)

The term RootKit historically comes from the Unix world, where it denotes a set of tools that a hacker installs on a compromised computer after gaining initial access. These are usually hacking tools (sniffers, scanners) and Trojans that replace basic Unix utilities. A RootKit allows a hacker to gain a foothold in the compromised system and conceal their activities.

In Windows, a RootKit is considered to be a program that penetrates the system and hooks system functions or replaces system libraries. By intercepting and modifying low-level API functions, such a program can, first of all, effectively hide its presence in the system, protecting itself from detection by antivirus software and by the user. In addition, many RootKits can mask the presence of any processes, folders and files on disk, and registry keys listed in their configuration. Many RootKits install their own drivers and services in the system (which, of course, are also “invisible”). (more…)