Trojans

Trojan.JS.Redirector.za

Trojan.JS.Redirector.za is a Trojan involved in specific web attacks launched by Brazilian cybercriminals. Trojan.JS.Redirector.za is distributed as a malicious PAC (Proxy Auto-Config) script via a phishing web address. Scripts of this type are used to divert the targeted computer user’s connection to phishing copies of bank, credit card and other websites. After registering the web address ‘java7update.com’, Brazilian attackers started attacking several websites, embedding a malicious iframe in some hijacked websites. The iframe loads a malicious Java applet designed to change the proxy configuration of Internet browsers such as Internet Explorer and Firefox. The web address used in the attack refers to a file called ‘update.pac’. To evade signature-based detection, the script uses various string concatenations. The purpose of Trojan.JS.Redirector.za is to divert attacked…

Posted by ZulaZuza in Trojans | No Comments »

PWS:Win32/Fareit.A

PWS:Win32/Fareit.A is a Trojan that steals confidential information from the victimized computer user’s PC and transfers it to a remote cybercriminal. Once installed on the affected computer system, PWS:Win32/Fareit.A makes system modifications by modifying the Windows Registry. PWS:Win32/Fareit.A aims at stealing passwords and computer and user credentials from the corrupted PC. PWS:Win32/Fareit.A may affect a particular list of applications. PWS:Win32/Fareit.A may also gather other information about the infected computer, including the port number used by the FTP program, FTP credentials and host details. PWS:Win32/Fareit.A then transfers the gathered information to the cybercriminals’ website in a compressed format….

Posted by ZulaZuza in Trojans | No Comments »

Trojan:Win32/Vicenor.gen!B

Trojan:Win32/Vicenor.gen!B is a Trojan that uses the compromised PC to make or ‘mine’ Bitcoins, a decentralized digital currency. When installed on the targeted computer system, Trojan:Win32/Vicenor.gen!B makes system modifications. Trojan:Win32/Vicenor.gen!B causes various programs to run very slowly or take a long time to load. Trojan:Win32/Vicenor.gen!B also downloads malicious files and modifies the Windows Registry on the victimized computer. Trojan:Win32/Vicenor.gen!B may be distributed onto the corrupted PC via a drive-by download through an exploit, or the computer user may download it thinking it is a genuine software product. Trojan:Win32/Vicenor.gen!B includes and runs a Bitcoin mining program, which connects to a Bitcoin server and uses the compromised PC’s power to make Bitcoins. This can seriously affect the infected computer’s performance, making it seem to operate slowly….

Posted by Domesticus in Trojans | No Comments »

Trojan.Sirefef.HU

Trojan.Sirefef.HU is a Trojan with rootkit capabilities that spreads via security exploits and free program installations. Many anti-virus applications find Trojan.Sirefef.HU hard to detect and uninstall from the infected computer. Trojan.Sirefef.HU is associated with ransomware and other malware infections such as rogue security tools; that is, Trojan.Sirefef.HU can be used by cybercriminals to deliver these security threats to affected PCs. Trojan.Sirefef.HU leads to the failure of numerous system services and an overall system crash….

Posted by Domesticus in Trojans | No Comments »

Trojan.Jorik.Androm.pqr

Trojan.Jorik.Androm.pqr is a Trojan that is distributed via spam emails, which carry falsified invoices from Zalando and Deutsche Bahn. The fake email dupes attacked computer users into running a malicious file, detected as Trojan.Jorik.Androm.pqr. Cybercriminals send personalized email messages in the German language supposedly coming from the well-known website Zalando.de (shoes and women’s accessories) and from Deutsche Bahn (German Railways). The text is addressed to the target recipient directly, and it threatens the victimized PC user so that he/she opens the ZIP archive and runs the harmful file. If the affected PC user opens and executes the damaging file, his/her PC will get contaminated with Trojan.Jorik.Androm.pqr….

Posted by Domesticus in Trojans | No Comments »

Europol Interpol Ransomware

Europol Interpol Ransomware is a malware infection identified as ransomware, which strives to pilfer money from unsuspecting PC users in Germany and other German-speaking countries. Europol Interpol Ransomware is distributed with the help of a ‘Police’ Trojan, which locks the compromised PC and asks the victim to pay a fine to unlock the computer. Europol Interpol Ransomware blocks the desktop and the whole computer and does not allow the targeted PC user to access the machine. Europol Interpol Ransomware covers the screen of the infected computer with a bogus pop-up image/alert ‘Ihr Internet Service Provider blockiert’, which speaks in the name of Europol and Interpol (European Police Office and International Criminal Police Organization) and accuses attacked computer users of breaching certain laws. The scary pop-up notification of Europol Interpol Ransomware states that the…

Posted by ESGI Advisor in Trojans | No Comments »

Trojan:Win32/Estiwir.A

Trojan:Win32/Estiwir.A is a Trojan that drops and installs other malware infections onto the corrupted PC and restricts some programs or applications from operating properly. Trojan:Win32/Estiwir.A is distributed to the hacked PC by other malware infections. Trojan:Win32/Estiwir.A may drop other malware infections that can steal an attacked computer user’s information by recording usernames and passwords. After uninstalling Trojan:Win32/Estiwir.A, it is recommended to change your passwords. Trojan:Win32/Estiwir.A may restrict AhnLab security applications or ESTsoft Corp programs from operating properly. Trojan:Win32/Estiwir.A propagates as a .DLL file. Once run, Trojan:Win32/Estiwir.A is embedded into ‘Explorer.exe’. Trojan:Win32/Estiwir.A then downloads and executes other security threats from particular web addresses. Trojan:Win32/Estiwir.A terminates service and deletes…

Posted by Domesticus in Trojans | No Comments »

Trojan:Win32/Matsnu.D

Trojan:Win32/Matsnu.D is a Trojan that makes modifications to the affected PC to make it more vulnerable to other malware threats, and contacts a remote host to retrieve commands that can have practically any aim. When installed and run, Trojan:Win32/Matsnu.D makes system changes by modifying the Windows Registry. Trojan:Win32/Matsnu.D creates copies of itself in particular locations with a random file name. Trojan:Win32/Matsnu.D modifies registry entries to ensure that its copy loads automatically whenever you start Windows. Trojan:Win32/Matsnu.D disables registry editing tools and Task Manager by modifying the Windows Registry. Trojan:Win32/Matsnu.D deletes the original copy of itself that runs when the PC user reboots the PC by modifying the Windows Registry. Trojan:Win32/Matsnu.D uses code insertion in order to evade detection and removal; it embeds a code and…

Posted by Domesticus in Trojans | No Comments »

Trojan:Win32/BeeVry

Trojan:Win32/BeeVry is a Trojan that makes changes to various computer settings to restrict victimized computer users from accessing security-related websites, and decreases the security of the corrupted PC. When installed and run, Trojan:Win32/BeeVry makes system changes by adding infected files. Trojan:Win32/BeeVry also modifies the Windows Registry. Trojan:Win32/BeeVry may be distributed by other malware infections, or it may spread as a malicious email attachment. Trojan:Win32/BeeVry modifies the Windows Hosts file. The local Hosts file maps a website’s hostname to a specific IP address, overriding DNS resolution. Trojan:Win32/BeeVry may make alterations to the Hosts file in order to reroute particular web addresses to various IP addresses. Trojan:Win32/BeeVry often modifies the Hosts file in order to restrict the targeted computer user from accessing websites connected with particular…

Posted by Sumo3000 in Trojans | No Comments »

TrojanDownloader:Win32/Delf.GK

TrojanDownloader:Win32/Delf.GK is a Trojan that downloads files, including other malware infections, onto the compromised PC. When installed on the affected computer system, TrojanDownloader:Win32/Delf.GK makes system modifications by adding malicious files. While being executed, TrojanDownloader:Win32/Delf.GK creates a file called ‘explorer.exe’ and embeds itself into this file in an attempt to conceal its presence on the targeted computer. If TrojanDownloader:Win32/Delf.GK finds older versions of itself on the victimized computer, it deletes them….

Posted by Domesticus in Trojans | No Comments »

Copyright 2003-2012. Enigma Software Group USA, LLC. All Rights Reserved.