TROJ_ARTIEF.JN

TROJ_ARTIEF.JN is a Trojan dropper that is involved in the Enfal malware attack. This infamous Trojan attack was first detected in a high-profile wave of attacks in the Fall of 2011. Using the TROJ_ARTIEF.JN Trojan dropper, the Enfal attack has managed to compromise about eight hundred computers that belong to high profile targets around the world. From government agencies to diplomatic outposts and important scientific facilities, the Enfal attack has successfully used the TROJ_ARTIEF.JN Trojan Dropper to install backdoors on numerous computers all around the world. If your computer is used for sensitive government work, particularly in pro-Tibet organizations or in the aerospace industry, it is important to update your security software and ensure that you understand the possible avenues of infection for the Enfal Trojan and TROJ_ARTIEF.JN.

The Wide Reach of TROJ_ARTIEF.JN Attacks

It is quite impressive that TROJ_ARTIEF.JN has managed to infect computers all over the world, even if the actual number of infected computers is not as high as other, lower profile malware threats. Most TROJ_ARTIEF.JN attacks have been focused on Mongolia, Vietnam and the Russian Federation. TROJ_ARTIEF.JN has also been detected in compromised computers in India, the Middle East, China and the United States. All of the infected targets contain sensitive, valuable information, meaning that there is clearly reasoning behind the targets that criminals choose for Enfal attacks. TROJ_ARTIEF.JN has been involved in attacks on computers belonging to nuclear facilities, pro-Tibet organizations, computers belonging to aerospace government agencies, embassies, consulates and numerous other important targets all around the world.

Taking a Look at the TROJ_ARTIEF.JN Infection

TROJ_ARTIEF.JN is contained in malicious, high-quality email messages as a DOC file attachment. While this extension usually points out that a file is a Microsoft Word document, criminals exploit a known vulnerability in the Microsoft Office Suite (CVE-2012-0158) that grants them to run a malicious code on the infected computer. A backdoor Trojan will be dropped on the infected computer by TROJ_ARTIEF.JN. This backdoor Trojan, BKDR_MECIV.AF, allows criminals to gain complete access to the infected computer from a remote location. Due to the sensitive targets that criminals choose for TROJ_ARTIEF.JN attacks, this backdoor Trojan can be used to steal valuable, sometimes classified information which can then be sold to a third party for a considerable amount or used to further a group's own political agenda.