Trojan:WinNT/Simda.gen!A

By Sumo3000 in Trojans

The most recent version of the Trojan:WinNT/Simda.gen!A Trojan has been around since the fall of 2011, with a string of attacks reported in the early months of 2012. Trojan:WinNT/Simda.gen!A is a kind of proxy Trojan, and several of its aliases include this term in their detection names. Regardless of the name it receives, there is no doubt that Trojan:WinNT/Simda.gen!A poses a significant risk to any computer system it invades, and ESG security researchers consider this malware threat to be severe.

One of the worst aspects of a Trojan:WinNT/Simda.gen!A infection is that it will usually display no symptoms of its presence on the victim's computer. This is because Trojan:WinNT/Simda.gen!A allows criminals to gain access to the infected computer through what is known as a 'backdoor': a hole in a computer's security that gives a hacker unauthorized access to the infected computer system, much as an unsecured back door can allow robbers to enter a house undetected.

A Closer Look at How Trojan:WinNT/Simda.gen!A Attacks a Computer System

Trojan:WinNT/Simda.gen!A is one component of a multi-component malware attack designed to open a backdoor into the infected computer. Specifically, it is a kernel-mode driver that acts like a rootkit and hides the other components of the attack. It can also alter how the infected computer connects to the Internet. Trojan:WinNT/Simda.gen!A is installed by the installer of the Simda.A family of backdoor Trojans. Once it has infected the computer system, Trojan:WinNT/Simda.gen!A will load other components of this malware attack and attempt to inject malicious code into processes involving web browsers, such as chrome.exe, explorer.exe, iexplore.exe, or firefox.exe.

Trojan:WinNT/Simda.gen!A can also hijack the victim's browser and carry out browser redirects, as well as force the infected computer to connect to malicious servers. It can connect to hundreds of malicious IP addresses: ESG security analysts have observed that Trojan:WinNT/Simda.gen!A does not limit itself to directing traffic towards a single malicious website or IP address. Trojan:WinNT/Simda.gen!A should be removed together with the rest of the multi-component malware infestation on the victim's computer system. The use of an anti-malware program with advanced anti-rootkit technology is highly recommended in order to stop Trojan:WinNT/Simda.gen!A in its tracks.