Troj/Agent-XXC is a backdoor Trojan infection that is typically distributed via spam email scams. ESG security researchers have associated Troj/Agent-XXC with a recent scam involving fake email messages from YouTube. If you suspect that your computer has been exposed to Troj/Agent-XXC, ESG security researchers strongly recommend ensuring that your computer is safe by using a anti-malware program to scan your hard drives. Since Troj/Agent-XXC can be used to install spy software or banking Trojans to gain access to your online accounts and sensitive information such as credit card numbers or bank account credentials, ESG security researchers also advise computer users to safeguard their sensitive data by using strong passwords and additional safeguards such as two or three point authentication or linking your accounts to a specific device. However, the most important thing you can do to avoid becoming a victim of Troj/Agent-XXC is using common sense when browsing the Internet and never downloading files contained in unsolicited email messages.
The malicious email message that is used to distribute Troj/Agent-XXC is disguised as a message from YouTube claiming that one of the victim’s videos was flagged because of copyrighted content. It then recommends that the victim take a look at an attached file in order to gain more information about how this supposed copyright violation affects the content posted on YouTube. The attached ZIP file does not contain this information. Rather, it contains the executable file for Troj/Agent-XXC (an EXE file) as well as an AutoRun routine that enables this malicious file to run automatically as soon as the malicious ZIP archive is accessed.
Malware threats such as Troj/Agent-XXC are commonly referred to as backdoor Trojans because they establish a backdoor into the infected computer. This usually means that Troj/Agent-XXC opens an unauthorized access point in your computer’s security which criminals can use to access your computer in order to steal data or to upload additional malware into your computer. Using Troj/Agent-XXC, criminals can install spy software or steal sensitive information stored on the infected computer, all from a remote location.
How Can You Detect Troj/Agent-XXC?
Troj/Agent-XXC Technical Report
As new Troj/Agent-XXC details are reported by our customers and findings from our Threat Research Center, we will update this section.
Fake message for Troj/Agent-XXC:
The following fake error message(s) appears for Troj/Agent-XXC:
Your video may have content that is owned or licensed by Music Publishing Rights Collecting Society.
No action is required on your part; however, if you are interested in learning how this affects your video, please open attached file
with Content ID Matches section of your account for more information.
- The YouTube Team