Trojan.BHO.btgg

By ESGI Advisor in Trojans

Threat Scorecard

Threat Level: 90 % (High)
Infected Computers: 4
First Seen: January 4, 2012
Last Seen: October 18, 2020
OS(es) Affected: Windows

Computer users in India have been targeted by an email scam that attempts to take advantage of the recent death of the North Korean dictator Kim Jong Il. This email scam is closely linked to the Trojan.BHO.btgg malware and, like a large number of recent email attacks, is programmed to exploit a zero-day vulnerability in Acrobat Reader. If an email claiming to have news about Kim Jong Il appears in your mailbox, ESG security researchers strongly recommend against opening it or downloading any attached files. If the subject of this spam email piques your curiosity about Kim Jong Il, ESG malware researchers recommend getting your information on his death from a trusted news source or a reliable online encyclopedia instead of from unsolicited email messages. Every time a celebrity or famous political figure dies, criminals take advantage of the event to send out spam email. In 2011 we saw this happen with the deaths of Steve Jobs, Amy Winehouse, and Muammar Gaddafi. If you have fallen victim to the Trojan.BHO.btgg scam, ESG security researchers recommend using an appropriate anti-malware application to remove any malware from your computer system.

Trojan.BHO.btgg Is Distributed Through a Corrupt PDF File

The malicious email message linked to Trojan.BHO.btgg contains a file attachment titled 'BriefintroductionofKim-Jong-il.pdf'. While PDF files are typically considered safe to download and open, a zero-day vulnerability in Adobe Acrobat Reader 9.0 has set off a large number of email attacks with corrupt PDF files. These security vulnerabilities, known as CVE-2010-2883 and CVE-2010-3333, allow criminals to use these kinds of files to force the infected computer system to connect to a remote server and execute malicious code. This allows Trojan.BHO.btgg to download and install various dangerous malware infections onto the victim's computer. Because of this, ESG security researchers strongly advise against opening any attached files or clicking on embedded links included in unsolicited email messages. This applies regardless of whether the messages appear to come from a reliable or trusted source (criminals can easily spoof email addresses and copy the design of messages from reliable senders) and regardless of whether the attachment appears to be a file type other than an executable or the other kinds of files typically associated with malware. As happened with PDF files, newly discovered security vulnerabilities in trusted applications or operating systems can be exploited quickly, before software manufacturers can patch their applications.
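
The following mail-triage sketch is an added example, not ESG's code or part of the original entry. It walks a message's attachments, recognizes PDFs by their content instead of their extension or declared type, and flags the attachment name given above; the token list, the `quarantine` rule and the sample messages are assumptions constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

LURE_NAME = "briefintroductionofkim-jong-il.pdf"  # attachment name given on this page
# Name tokens for automatic actions / embedded content (what pdfid-style triage counts).
RISKY_TOKENS = (b"/OpenAction", b"/AA", b"/JavaScript", b"/JS", b"/Launch", b"/EmbeddedFile")

def triage_message(raw: bytes) -> list:
    """Return one finding dict per PDF attachment found in a raw e-mail message."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        # Identify PDFs by content, not by extension or declared MIME type.
        if b"%PDF-" not in data[:1024]:
            continue
        name = part.get_filename() or ""
        # Substring counts miss hex-escaped names and compressed object streams,
        # so zero hits is not a clean bill of health.
        tokens = {t.decode(): data.count(t) for t in RISKY_TOKENS if t in data}
        known = name.lower() == LURE_NAME
        # Assumed policy for this example: hold known lure names and active content.
        findings.append({"filename": name, "known_lure": known, "tokens": tokens,
                         "quarantine": known or bool(tokens)})
    return findings

def build_sample(pdf_name: str, pdf_body: bytes) -> bytes:
    """Constructed test message: a text body, a note and one PDF sent as octet-stream."""
    msg = EmailMessage()
    msg["From"], msg["To"], msg["Subject"] = "sender@example.org", "user@example.org", "News"
    msg.set_content("See attachment.")
    msg.add_attachment("plain notes", filename="notes.txt")
    msg.add_attachment(pdf_body, maintype="application", subtype="octet-stream",
                       filename=pdf_name)
    return msg.as_bytes()

# Constructed, inert PDF fragments (no exploit content), used only to exercise the checks.
ACTIVE_PDF = (b"%PDF-1.4\n1 0 obj << /Type /Catalog /OpenAction 2 0 R >> endobj\n"
              b"2 0 obj << /S /JavaScript /JS () >> endobj\n%%EOF\n")
PLAIN_PDF = b"%PDF-1.4\n1 0 obj << /Type /Catalog >> endobj\n%%EOF\n"

if __name__ == "__main__":
    for f in triage_message(build_sample("BriefintroductionofKim-Jong-il.pdf", ACTIVE_PDF)):
        print(f)
```

A hit means the attachment deserves inspection in an isolated environment; it does not by itself prove the file is malicious.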