
Win32/Sirefef.FY

By Sumo3000 in Trojans

Threat Scorecard

Threat Level: 90 % (High)
Infected Computers: 3
First Seen: July 16, 2012
Last Seen: October 18, 2020
OS(es) Affected: Windows

Win32_Sirefef.FY is the detection name for a malicious computer program, a Trojan from a family of Trojans that use rootkit technology to resist removal. The Internet is a minefield of Trojans, worms and viruses, often hidden behind the innocent (inter)face of helpful programs and prompts. Malware can be cloaked in a freeware download and hidden in an ambiguous End-User License Agreement that, unfortunately, many PC users do not take the time to read fully before clicking.

Win32_Sirefef.FY was specifically built to attack poorly protected systems using the Microsoft Windows 32-bit platform. The malware maker is hoping the PC user overlooked notifications to patch vulnerabilities, a common mistake that aids infiltration and malicious implantation. Trojans are stealthy and are able to run a script to make high-level system changes. For example, a Trojan can open a port and connect to a remote server, where a hacker can customize the attack based on what is reported. The reporter would, of course, be none other than Win32_Sirefef.FY, programmed to survey the system and detail what other malware is present, which malicious files are being implanted, data that helps identify other vulnerabilities, and so on. Vital data will also be scraped out of the browser cache and transferred into the hands of a hacker, along with email addresses and system data identifying vulnerabilities, but the malice will not end there. Win32_Sirefef.FY could also install a rogue security program designed to generate alarming alerts as part of a fake security breach.

Malicious system changes and behaviors often conflict with the normal operation of the operating system. In addition to corrupting the browser to force traffic to malicious or compromised websites, a hijacker could block traffic to helpful malware removal sites. Malicious activity could slow your system considerably, as a hacker drains its resources to wage a DNS strike or mine Bitcoins, an underground currency keeping illegal purchases off the radar of the government and judicial system. Not only will the Trojan make system changes to support an attack, it will also take steps to block removal. Rootkit technology helps mask malicious files so that they appear the same as legitimate operating system files. If you are a novice PC user and are unfamiliar with the OS directory structure, you may not realize that a recognizable and necessary component like explorer.exe is stored in the wrong place. The cover may fool some PC users and even weaker anti-virus programs, but Win32_Sirefef.FY will not pass muster with a stealth anti-malware solution using a mix of scanning techniques such as heuristic and signature patterns. Removal of the wrong file could leave the victim facing the dreaded blue screen of death, leading to even more problems and possibly loss of data.
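The misplaced explorer.exe case described above can be checked mechanically by comparing each running process's image path with the directory where Windows normally keeps a binary of that name. The following Python sketch is an added example, not part of the original article; the expected-directory table assumes a default Windows install, and the sample process list is constructed for illustration.

```python
import ntpath

# Expected directories (relative to the system root) for a few well-known
# Windows binaries. Assumption: default install layout; extend as needed.
EXPECTED_DIRS = {
    "explorer.exe": {"", "syswow64"},
    "svchost.exe": {"system32", "syswow64"},
    "lsass.exe": {"system32"},
    "services.exe": {"system32"},
}

def find_masquerades(processes, system_root=r"C:\Windows"):
    """Return (pid, path) for every process whose file name matches a known
    system binary but whose directory is not one of the expected ones."""
    root = ntpath.normcase(ntpath.normpath(system_root))
    hits = []
    for pid, path in processes:
        # Windows paths are case-insensitive, so compare normalized forms.
        full = ntpath.normcase(ntpath.normpath(path))
        directory, name = ntpath.split(full)
        allowed = EXPECTED_DIRS.get(name)
        if allowed is None:
            continue  # not a name this check tracks
        ok_dirs = {ntpath.join(root, d) if d else root for d in allowed}
        if directory not in ok_dirs:
            hits.append((pid, path))
    return hits

# Constructed sample input: (pid, image path) pairs as a process listing
# tool might report them.
SAMPLE = [
    (1204, r"C:\Windows\explorer.exe"),
    (1880, r"C:\Users\alice\AppData\Local\Temp\explorer.exe"),
    (612, r"C:\WINDOWS\System32\svchost.exe"),
    (2456, r"C:\Windows\svchost.exe"),
    (3001, r"C:\Program Files\Editor\editor.exe"),
]

if __name__ == "__main__":
    for pid, path in find_masquerades(SAMPLE):
        print(f"suspicious: pid={pid} path={path}")
```

A check like this only sees what the process listing reports, so a rootkit that hides its processes from the listing will not appear in the output.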

The only way to ensure your system is malware free is to use a stealth anti-malware program able to uproot hidden malware and better guard your system going forward.
