| Threat Level: | 80% (High) |
| First Seen: | March 12, 2012 |
| Last Seen: | October 17, 2018 |
Enfal is a Trojan infection that has been involved in various attacks all around the world. While Enfal was involved in a large string of attacks in September of 2011, ESG security researchers have uncovered an updated version of this dangerous Trojan infection that has attacked nearly one thousand computers all around the world. While this may not seem like an impressive number, it is important to note that attacks involving the Enfal Trojan have targeted high-priority targets. These include computers belonging to government institutions, embassies and consulates, and important science and aerospace government agencies and companies. Because of the high-profile threat posed by this dangerous Trojan infection, ESG security researchers strongly advise computer users involved in sensitive industries or activities to protect their computers from an Enfal Trojan attack through the use of a reliable, fully updated, powerful anti-malware program.
ESG malware analysts have found that most of the worldwide Enfal attacks are concentrated in Russia, Mongolia and Vietnam. Other Enfal attacks have managed to infect computers in China, the Middle East and India. Unlike other Trojans that cast a wide net, Enfal attacks involve important targets. This updated version of Enfal specifically targets suppliers and contractors for these countries' military organizations. It also seems to target nuclear facilities and organizations that support Tibet. The main difficulty in dealing with Enfal infections is that a computer infected with this threat is hard to recognize.
ESG security researchers have observed that Enfal infections begin with an email message containing a malicious file attachment. These scam email messages are often well written and include content that may fool computer experts. For example, one of the messages used to infect computers belonging to pro-Tibet groups supposedly announced a general meeting of Tibetans and included believable dates, formatting and content. The Enfal attack is contained in a file in DOC format (a Microsoft Word document). Despite appearing to be a harmless Microsoft Word file, this DOC file is actually a Trojan infection detected as TROJ_ARTIEF.JN. Taking advantage of the vulnerability in Microsoft Office known as CVE-2012-0158, this Trojan infection installs a backdoor Trojan named BKDR_MECIV.AF on the infected computer. This backdoor allows criminals to gain unauthorized access to the compromised computer.