The Infostealer.Fightpos malware, as the name suggests, is used by cyber criminals to collect data from infected PCs and transmit it to their servers. Fightpos falls in the category of backdoor trojans. It is deployed as an attached file in spam emails and may accompany freeware bundles from software centers with a bad reputation. Malware researchers note that the Fightpos trojan can place its files in the Microsoft folder under Application Data to evade detection. Moreover, the Infostealer.Fightpos malware drops two files named 'ActiveComponent.bat' and 'ActiveComponent.exe' in the Temp folder in order to manipulate Microsoft Internet Explorer. The Fightpos trojan then creates a registry entry to make sure users run the corrupted Internet Explorer.exe, and it collects data like typed URLs, entered log-in credentials and offline web app data.

As stated above, the Fightpos malware is a backdoor trojan, and it adds several registry keys concerning group policies and firewall settings in order to allow cyber criminals to connect to the infected machine. Additionally, the Fightpos malware can download and execute files as well as launch DDoS attacks. Security experts advise users to install a reputable anti-malware shield and avoid interaction with spam emails and suspicious websites.
File System Details
Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
| # | File Name | Detections |
|---|---|---|
| 1. | %UserProfile%\Start Menu\Programs\Startup\Shortcut to Internet Explorer.lnk | N/A |
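The file names in the description and the Startup entry listed above can be turned into a triage sweep over the user profiles of a live system or a mounted disk image. This is an added example, not code from the original write-up or from SpyHunter; the per-user Temp locations are an assumption (the page only says "the Temp folder"), and the function names are hypothetical.

```python
import hashlib
import sys
from pathlib import Path

# File names from the write-up; compared in lower case because Windows
# file names are case-insensitive (matters when sweeping a mounted image).
TEMP_NAMES = {"activecomponent.bat", "activecomponent.exe"}
STARTUP_NAMES = {"shortcut to internet explorer.lnk"}
# Assumption: "the Temp folder" is the per-user Temp directory (XP-era and
# Vista-and-later layouts). The Startup path is the one listed on the page.
CHECKS = [
    ("temp-dropper", "Local Settings/Temp", TEMP_NAMES),
    ("temp-dropper", "AppData/Local/Temp", TEMP_NAMES),
    ("startup-shortcut", "Start Menu/Programs/Startup", STARTUP_NAMES),
]

def find_dir(base, relative):
    """Resolve relative under base one component at a time, ignoring case."""
    current = Path(base)
    for part in relative.split("/"):
        kids = current.iterdir() if current.is_dir() else ()
        current = next((c for c in kids if c.name.lower() == part.lower()), None)
        if current is None:
            return None
    return current if current.is_dir() else None

def sweep_profile(profile):
    """Return (kind, path, sha256) for each named artifact in one profile."""
    findings = []
    for kind, relative, names in CHECKS:
        try:
            folder = find_dir(profile, relative)
            entries = sorted(folder.iterdir()) if folder else []
        except OSError:  # unreadable directory or junction: skip it
            continue
        for entry in entries:
            if entry.is_file() and entry.name.lower() in names:
                digest = hashlib.sha256(entry.read_bytes()).hexdigest()
                findings.append((kind, entry, digest))
    return findings

def sweep_users(users_root):
    """Sweep every profile under a Users or Documents and Settings root."""
    return [f for p in sorted(Path(users_root).iterdir()) if p.is_dir()
            for f in sweep_profile(p)]

if __name__ == "__main__" and len(sys.argv) > 1:
    for kind, path, digest in sweep_users(sys.argv[1]):
        print(f"{kind}\t{digest}\t{path}")
```

A file with one of these names is a lead, not a verdict: inspect the shortcut's target and review the hashed files before treating a host as infected.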
Tip: We recommend blocking the domain names as well as the IP addresses associated
The following URLs were found: