TSPY_ZBOT.YYKE
Threat Scorecard
Threat Level: 90% (High)
Infected Computers: 27
First Seen: April 10, 2014
Last Seen: February 21, 2022
OS(es) Affected: Windows
TSPY_ZBOT.YYKE is a variant of the ZeuS Trojan that has been associated with recent attacks involving the Upatre Trojan. These attacks have been connected to spam email messages that carry malicious attachments and pose as official messages from important banking institutions such as Lloyds or Wells Fargo. The spam email messages associated with TSPY_ZBOT.YYKE try to convince the victim that their bank has sent them a secure message. This supposed secure message is contained in an MSG file attached to the email. Needless to say, the supposed 'message' is a threat.
The TSPY_ZBOT.YYKE is a Variant of the Infamous Upatre
The MSG file contains another MSG file, which itself contains the Upatre Trojan variant. Bundling compromised email attachments within other email attachments allows third parties to bypass poorly implemented security software or email attachment scanners. Considering this, PC security experts strongly counsel computer users to avoid opening any unsolicited email attachment, even if it appears to have been sent by a known person. In many cases, a known contact may have been infected, and their email address is then used to send out spam email like that used in the TSPY_ZBOT.YYKE attack.
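The following is an added example, not part of the original page, of the defensive check this paragraph implies: an attachment scanner that descends into attached messages instead of inspecting only the top level. It uses Python's standard `email` package with nested RFC 822 messages as a stand-in for Outlook MSG files (which need an OLE parser); the block list, depth limit, sample mail and function names are assumptions.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

BLOCKED_EXT = (".exe", ".scr", ".pif", ".com")  # assumed block list
MAX_DEPTH = 5                                   # assumed nesting limit

def build_sample() -> bytes:
    """Constructed sample: a mail wrapping a mail wrapping a mail with an inert file."""
    inner = EmailMessage()
    inner["Subject"] = "level 2"
    inner.set_content("see attached")
    inner.add_attachment(b"inert placeholder bytes", maintype="application",
                         subtype="octet-stream", filename="statement.scr")
    middle = EmailMessage()
    middle["Subject"] = "level 1"
    middle.set_content("forwarded")
    middle.add_attachment(inner, filename="message2.eml")
    outer = EmailMessage()
    outer["Subject"] = "You have a new secure message"
    outer.set_content("Open the attached secure message.")
    outer.add_attachment(middle, filename="message1.eml")
    return outer.as_bytes()

def load(raw: bytes) -> EmailMessage:
    return message_from_bytes(raw, policy=policy.default)

def shallow_scan(msg):
    """Weak check: looks only at the file names of top-level attachments."""
    return [p.get_filename() for p in msg.iter_attachments()
            if (p.get_filename() or "").lower().endswith(BLOCKED_EXT)]

def deep_scan(msg, depth=0, path="mail"):
    """Descend into every attached message; report blocked files with their path."""
    if depth > MAX_DEPTH:
        return [(path, "nesting limit exceeded")]  # fail closed, do not skip
    hits = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        here = f"{path} > {name}"
        if part.get_content_type() == "message/rfc822":
            hits += deep_scan(part.get_content(), depth + 1, here)
        elif name.lower().endswith(BLOCKED_EXT):
            hits.append((here, "blocked extension"))
    return hits

if __name__ == "__main__":
    msg = load(build_sample())
    print("shallow:", shallow_scan(msg))
    print("deep:   ", deep_scan(msg))
```

The top-level-only check reports nothing for the constructed sample, while the recursive walk reports the file two messages down together with its nesting path.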
Once the Upatre Trojan variant contained in the corrupted spam email attachment is opened, it infects the victim's computer and begins to download other threats from a remote server. Analyzed variants of this threat would download TSPY_ZBOT.YYKE. This Trojan has both banking Trojan and spy capabilities and may also install a Necurs Trojan variant. This threat disables security software on the victim's computer in order to make its attacks more devastating and to leave the computer more vulnerable to other threats.
It is important to note that Upatre is not only associated with TSPY_ZBOT.YYKE. It has also been linked to ransomware infections that encrypt the contents of the victim's hard drive. This makes TSPY_ZBOT.YYKE particularly damaging, as it can not only endanger your privacy but may also cause you monetary losses.