Threat Database Trojans TSPY_FAREIT.ADI

TSPY_FAREIT.ADI

By Sumo3000 in Trojans

Threat Scorecard

Ranking: 2,146
Threat Level: 10 % (Normal)
Infected Computers: 9,581
First Seen: August 21, 2013
Last Seen: September 20, 2023
OS(es) Affected: Windows

The TSPY_FAREIT.ADI Trojan attack is a ZeuS/Zbot Trojan variant that attacks PC users in the United Kingdom. TSPY_FAREIT.ADI is spread using a scam that impersonates Britain's internal revenue service. This malware infection spreads through malicious spam email messages used to deliver malware to victims' computers. These email messages claim to be related to the HMRC (Her Majesty's Revenue and Customs), which is very much alike the IRS. These particular attacks are taking advantage of the season of taxes the United Kingdom. This is not uncommon; criminals will often craft spam email messages or spear phishing message to correspond to a particular news event, season, or specific time frame. These details make these attacks more effective since they lend the scam authenticity which makes it more likely that inexperienced computer users will fall for the scam.

These types of email messages are a common scam used to take advantage of inexperienced computer users. The emails themselves are crafted to appear authentic and contain an embedded link or attached file that is actually a malware infection. Computer users in the United Kingdom should be on the lookout for these types of unwanted email messages and always refrain from downloading file attachments in unsolicited email messages or embedded links contained in these types of spam messages. In the case of this particular scam, it contains TSPY_FAREIT.ADI, a dangerous ZeuS/Zbot Trojan variant that is used to steal banking credentials, credit information, and other sensitive financial information.

TSPY_FAREIT.ADI as a ZeuS/Zbot Trojan Variant is a Serious Risk to Your PC

ZeuS/Zbot or Zbot is one of the most well known Trojan infections and its reach in the last decade have been devastating. Associated with various botnets and high profile attacks, this malware infection is a serious threat to your bank account, privacy and computer's security. Numerous variants of this threat exist, often containing different packers and self-protective measures but, at its core, the ZeuS/Zbot attack remains the same. TSPY_FAREIT.ADI has the ability to interfere with your Web browser, detect when the computer user connects with an online banking service, and then steal the computer user's login credentials by intercepting this information or displaying a bogus login screen on the computer user's Web browser. TSPY_FAREIT.ADI does not limit itself to banking information; TSPY_FAREIT.ADI may be used to steal private information related to file managers, online email services, FTP clients and other types of sensitive applications. TSPY_FAREIT.ADI will also download and install a spyware infection known as TSPY_ZBOT.ADD.

File System Details

TSPY_FAREIT.ADI may create the following file(s):
# File Name Detections
1. VAT_7808740.zip

URLs

TSPY_FAREIT.ADI may call the following URLs:

services.easyrecipessearch-svc.com

Trending

Most Viewed

Loading...