A modified version of the banking malware Vawtrak was discovered and considered to be among the most advanced threats. Vawtrak was first detected in June 2014, targeting users in the USA. Vawtrak is also known as Neverquest and part of the Gozi family of malware, classified as one of the most dangerous computer threats - Trojans. This malware is specially designed to target bank accounts of several people. The threat may gain unauthorized access to a number of platforms and systems and let cybercriminals perform their malicious goals. Vawtrak may expose your computer to a serious risk - including your personal information, e-mail credentials and usernames and passwords for online accounts.
What is New in this Modified Version of the Vawtrak Banking Malware?
The initial version of Vawtrak was used to target financial institutions and people primarily in Japan. The modified version, however, extends its range to computers in the USA, Canada, the UK, Australia, Turkey and Slovakia. Besides financial institutions, the Vawtrak menace spreads to social networks, e-commerce sites, game portals among other sites. At the moment, security experts warn that the danger of Vawtrak is expected to increase in the future. This is based on the fact that recently some of the largest botnets as Shylock and Gameover Zeus were taken down, and this makes it easy for Vawtrak to step in.
How does It Spread?
In most cases, users cannot provide information about the way their PC has been infected. The Trojan doesn't need your permission to install but counts on Internet vulnerabilities. You can unintentionally download this threat by visiting malicious links, suspicious sites (including porn sites), opening the attachment of a spam e-mail and other dangerous activities. Computer security analysts report that in its latest action Vawtrak relied on Cutwail, the largest spam botnet at the moment. The Trojan used the brand names of AT&T and DocuSign in order to mislead the users and transfer them to an exploit kit. Vawtrak was also spread through fake e-mails from payroll services such as ADP. These e-mails contained a malicious attached file they claimed to be an invoice. Other methods of misleading users involve ‘important’ e-mail notifications for tax payments. The cybercriminals were even able to add the Google's URL Shortener to their kit of tools by sending seemingly innocent links to Dropbox, that, in fact, lead to compromised sites.
What Makes the Threat so Great?
Once Vawtrak has been successfully installed on your machine, it will be very difficult to detect this Trojan. Vawtrak is very good at avoiding interception by anti-spyware programs because Vawtrak uses a range of stealth methods. One of the features of this Trojan is the ability to overspread its vicious codes in the Kernel of your OS that in turn will provide the Vawtrak operators with full control over your PC.
To make the danger even greater, Vawtrak has used sophisticated Web injects which let it Vawtrak alter the Internet traffic information. As a result of this, the malware is able not only to obtain user names and passwords but also perform transactions automatically from your bank accounts. If you are aware that your PC is contaminated with Vawtrak, you shouldn't perform any actions associated with sensitive information.
Vawtrak represents a severe threat, and the experts anticipate in the future this Trojan's field of action to cover more industries so the necessary measures should be taken seriously. These actions include not performing any personal business - like using your bank account - on open networks. It is also highly recommended to have a powerful anti-spyware software and keep it up-to-date.
Do You Suspect Your PC May Be Infected with Vawtrak & Other Threats? Scan Your PC with SpyHunterSpyHunter is a powerful malware remediation and protection tool designed to help provide PC users with in-depth system security analysis, detection and removal of a wide range of threats like Vawtrak as well as a one-on-one tech support service. Download SpyHunter's FREE Malware Remover
Security Doesn't Let You Download SpyHunter or Access the Internet?Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
- Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
- Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
- Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in "Safe Mode with Networking" and install SpyHunter in Safe Mode.
- IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.