Sykipot Trojan
Sykipot Trojan is a hazardous Trojan that uses the zero-day Adobe Reader flaw used for attacking defense contractors. Cybercriminals misuse the flaw to make the compromised PC download Sykipot Trojan, which then looks for outlook, iexplore or firefox in the list of running processes. Once Sykipot Trojan has detected them, it injects DLL files into them. After that, the malicious binary creates a PDF file that apparently encompasses 'CONUS rates' for traveling expenses in the continental US. The injected DLL will contact XXXhksrv.hostdefence.net/asp/kys_allow_get.asp?name=getkys.kys for downloading an encrypted configuration file. This file includes a few instructions that the affected PC user will fulfill on sending the results back to the C&C server. The hostdefence.net domain on which the C&C server is hosted is set in China. If your computer has been corrupted by Sykipot Trojan, you should uninstall it immediately after detection.
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.