Threat Database Trojans TSPY_MINOCDO.A

TSPY_MINOCDO.A

By Domesticus in Trojans

Threat Scorecard

Threat Level: 90 % (High)
Infected Computers: 8
First Seen: April 2, 2013
Last Seen: April 22, 2020
OS(es) Affected: Windows

TSPY_MINOCDO.A is a Trojan that is involved in a phishing scam linked to Facebook. TSPY_MINOCDO.A is distributed via a bogus Facebook security check page as shown in figure 1 below. The purpose of TSPY_MINOCDO.A is to divert target computer users, who visit Facebook to a spoofed web page, which declares to be included in the security check feature of the social networking website, and even shows the tagline 'Security checks help keep Facebook trustworthy and free of spam'. TSPY_MINOCDO.A reroutes all traffic to facebook.com and www.facebook.com to the system itself, using the victimized computer system's HOST file. This makes sure that the affected PC user can never reach the authentic Facebook website. At the same time, TSPY_MINOCDO.A controls all browser activities and diverts the victim to the infected website. TSPY_MINOCDO.A also executes DNS queries to several web addresses. TSPY_MINOCDO.A grabs information from attacked PC users.

Figure 1 - Bogus Facebook security check page

Trending

Most Viewed

Loading...