JAVA_OZNEB.B

JAVA_OZNEB.B Description

JAVA_OZNEB.B is a new variation of an old Java RAT (remote access Trojan), which is named UNRECOM (Universal Remote Control Multi-Platform). It was known a while ago as Adwind. JAVA_OZNEB.B proliferates via spam email messages. The spam email messages that are used to disperse JAVA_OZNEB.B (UNRECOM) are allegedly sent by American Express. The fraudulent bank email messages announce victimized recipients that their accounts have been suspended due to suspicious activity. The bogus email message includes the infected attachment which is not a report, but a copy of the RAT named JAVA_OZNEB.B. When JAVA_OZNEB.B corrupts a PC, it takes screenshots, shows notifications and mines for Litecoins. The Litecoin-mining component is a plug-in. The authors of UNRECOM can embed other plug-ins and further improve JAVA_OZNEB.B. Litecoin is a cryptocurrency that is often known to be a well-known alternative to Bitcoin. The Litecoin plug-in can permit a remote cybercriminal to use an attacked PC to mine Litecoins. Mining digital currencies needs a lot of computing power, so target PC users may experience sluggish performance from their affected PCs.

Technical Information

Registry Details

JAVA_OZNEB.B creates the following registry entry or registry entries:
Clsid
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run oracle = "%Application Data%\oracle\olo.dll"

Related Posts

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.