Trojan.Ferret
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
Ranking: | 4,876 |
Threat Level: | 90 % (High) |
Infected Computers: | 1,465 |
First Seen: | January 8, 2014 |
Last Seen: | September 12, 2023 |
OS(es) Affected: | Windows |
Security researchers have received reports of widespread DDoS attacks that seem to be associated with a new threat capable of launching devastating DDoS attacks on specific targets. PC security analysts have named this threat Trojan.Ferret and have noted that Trojan.Ferret has several features that make Trojan.Ferret particularly destructive. Trojan.Ferret is a severe threat infection that poses a serious threat both to websites affected by the DDoS attack and to businesses and people that rely on the stability of these websites.
Unraveling Trojan.Ferret
Trojan.Ferret was first detected and identified by malware researchers in Russia. Trojan.Ferret is a DDoS bot used to overload specific servers with requests using advanced techniques that are designed to prevent the targets from defending themselves. Trojan.Ferret is developed in Delphi and was probably written by criminals located in the Russian federation. Trojan.Ferret has anti-debugging features that may prevent researchers from launching Trojan.Ferret in a virtual machine, may modify its own code and uses UPX packing and process hollowing to make itself more difficult to detect, study and remove. Trojan.Ferret also uses advanced obfuscation techniques to disguise its strings and code from individuals attempting to conduct a study of Trojan.Ferret's features and structure. Trojan.Ferret may be used to launch DDoS attacks using several protocols, including HTTP, TCP and UDP floods. At the present, malware researchers are currently studying Trojan.Ferret and have only identified a handful of its command and control servers.
Protecting Yourself and Your Website from Trojan.Ferret Attacks
If you administrate a Web page, then DDoS bots like Trojan.Ferret present a significant threat to your bottom line. There are several ways in which you can protect your website from threat attacks involving Trojan.Ferret, that usually involve expanding your resources to make it too expensive, or time consuming to continue a prolonged attack and tracing the source of attacks in order to fight back. There are numerous services that offer protection from DDoS attacks. In fact, Google offers Web masters a free service known as Google Shield, which leverages Google's enormous resources to help website administrators that have to deal with attacks like those carried out by Trojan.Ferret.
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.