Trojan.GenericKDZ.14575 is a dangerous component of the RedKit Exploit Kit, a hacking tool used to infiltrate computers by taking advantage of several known application, Web browser and operating system vulnerabilities. Trojan.GenericKDZ.14575 recently attracted attention from PC security researchers because of a social engineering scam related to the tragedy at the Boston Marathon. Only a few hours after the Boston Marathon bombing, spam email messages and other social engineering scams started to include words such as 'explosion', 'Boston' and 'marathon' in their subject lines in order to entice inexperienced computer users into viewing their contents.
Up to a fifth of all spam email messages sent out in the days that followed the Boston Marathon bombing included terms related in some way to that event. This is not a new development. ESG security researchers have long noted that criminals take advantage of trending news in order to bait unsuspecting computer users into downloading and installing malware similar to Trojan.GenericKDZ.14575. In fact, only a few weeks before the Boston Marathon bombing, most spam email messages using this scam integrated terms linked to the pope, taking advantage of the trending news about the referendum of the new pope. It is unfortunate to observe that criminals have no qualms about exploiting the panic and sadness people feel in the face of these kinds of terrible events.
How Trojan.GenericKDZ.14575 is Installed on the Victim's Computer
The malicious email messages used to spread Trojan.GenericKDZ.14575 usually contain embedded links leading to websites whose URLs end with words that relate to the news in some way. Clicking on these links takes computer users to a fake YouTube website: a Web page designed to look like a YouTube video while actually hosting an exploit kit. Almost immediately, a malicious executable file is dropped onto the victim's computer by taking advantage of known vulnerabilities. This malicious executable installs Trojan.GenericKDZ.14575, which steals passwords, often using information stored in the victim's Web browser itself. To protect yourself from Trojan.GenericKDZ.14575 infections and these kinds of scams, ESG security analysts strongly advise only getting news from trusted sources and never from unsolicited email messages, even if they seem to come from a person that you know.
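The two lure traits described above (event terms in the subject line, and an embedded link whose URL ends with a news-related word) can be turned into a simple mail-gateway triage rule. The following is an added example written for this page, not code from ESG or from the campaign; the term list, the scoring, the `.invalid` domains and the sample messages are all constructed assumptions.

```python
import re
from email import message_from_string
from urllib.parse import urlparse

# Lure vocabulary taken from the campaign description above (assumed list).
EVENT_TERMS = {"explosion", "boston", "marathon"}
URL_RE = re.compile(r"https?://[^\s<>\"']+")

# Constructed sample messages; domains use the reserved .invalid TLD.
SAMPLE_LURE = """From: news@example.invalid
Subject: Explosion at Boston marathon - video
Content-Type: text/plain

Watch here: http://lure.example.invalid/news/boston.html
"""

SAMPLE_BENIGN = """From: friend@example.invalid
Subject: Lunch tomorrow?
Content-Type: text/plain

Menu is at http://example.invalid/menu/today
"""


def path_ends_with_event_term(url):
    """True when the final path segment (extension stripped) ends with an event term."""
    last = urlparse(url).path.rstrip("/").rsplit("/", 1)[-1].lower()
    last = re.sub(r"\.[a-z0-9]+$", "", last)  # drop .html, .php, ...
    return any(last.endswith(term) for term in EVENT_TERMS)


def triage(raw_message):
    """Score one non-multipart RFC 822 message against the lure pattern."""
    msg = message_from_string(raw_message)
    subject = (msg.get("Subject") or "").lower()
    body = msg.get_payload() if not msg.is_multipart() else ""
    subject_hits = sorted(t for t in EVENT_TERMS if t in subject)
    suspicious_urls = [u for u in URL_RE.findall(body) if path_ends_with_event_term(u)]
    # Both traits together are what the campaign looks like; either alone is weak.
    verdict = "quarantine" if subject_hits and suspicious_urls else "pass"
    return {"subject_hits": subject_hits, "suspicious_urls": suspicious_urls, "verdict": verdict}


if __name__ == "__main__":
    for name, sample in (("lure", SAMPLE_LURE), ("benign", SAMPLE_BENIGN)):
        print(name, triage(sample))
```

The rule is a heuristic for triage, not a blocklist: a matching message should be held for review rather than silently dropped, since legitimate news digests share the same vocabulary.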