Troj/Tepfer-Q

Troj/Tepfer-Q Description

Type: Trojan

As usually happens with breaking news stories, criminals have quickly pounced on the popularity of the Boston Marathon bombing news story in order to spread malware. This terrible incident has resulted in malicious spam email messages that supposedly contain links to videos of the terrorist attack in Boston with subject lines related in some way to this incident. It appears that all of these spam email messages are based in Latvia and Ukraine, Eastern European countries that have been linked to spammers and computer scams before. Clicking on the embedded links contained in these spam email messages leads computer users to a website where an exploit kit is used to install Troj/Tepfer-Q on the victim's computer. Troj/Tepfer-Q is a dangerous password stealing Trojan that may be employed to obtain access to the victim's online accounts, banking information and private data.

When the victim clicks on the embedded link in the spam email message, the link directs the victim to a website that is designed to appear to be a legitimate YouTube video. However, while the video is running in the background, the RedKit Exploit Kit is actually installing Troj/Tepfer-Q on the victim's computer. If the victim's computer contains vulnerabilities that this exploit pack can take advantage of, then Troj/Tepfer-Q's executable file is executed on the victim's computer, installing its malicious files and making dangerous changes to the infected computer's registry. Successful installation of Troj/Tepfer-Q allows criminals to gain remote access to the infected computer. Troj/Tepfer-Q has the ability to steal online passwords and private data directly from the data stored on the victim's web browser. The stole data is then transmitted to an outside server where it is then used to carry out various scams and crimes, such as identity theft or money laundering.

There were other times that malware authors have distributed Trojans like Troj/Tepfer-Q taking advantage of popular news stories. Only a month prior to the Boston Marathon bombing, similar scams took advantage of the trending news relating to the election of the new pope. These kinds of scams take advantage of inexperienced computer users that do not understand that unsolicited email messages are not a trustworthy source for news and are usually used to send out malware like Troj/Tepfer-Q.

Technical Information

File System Details

Troj/Tepfer-Q creates the following file(s):
# File Name Detection Count
1 [System]\drivers\npf.sys N/A
2 [System]\Packet.dll N/A
3 [System]\wpcap.dll N/A

Site Disclaimer

Enigmasoftware.com is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.