
Win32/Redyms

By GoldSparrow in Trojans

Threat Scorecard

Threat Level: 90 % (High)
Infected Computers: 4
First Seen: March 19, 2013
Last Seen: March 26, 2020
OS(es) Affected: Windows

Win32/Redyms is a family of browser hijacking Trojans that is associated with extremely dangerous malware, including versions of the TDL4 Rootkit and the Black Hole Exploit Kit. Malware in the Win32/Redyms family was first detected in January of 2013, although ESG security researchers note that it is highly likely that Win32/Redyms is derived from previous browser hijackers that have been active for years. Win32/Redyms poses a severe threat to a targeted computer, and any Trojan in this family should be deleted quickly with the help of a reliable anti-malware program. Fortunately, Win32/Redyms' avenues of attack are well known, and most security programs are well equipped to handle this threat. However, because Win32/Redyms Trojans are relatively new, it is important to ensure that your security software is fully updated in order to remain protected from Trojans in the Win32/Redyms family.

Common Symptoms Associated with a Win32/Redyms Infection

Win32/Redyms and its clones are easily detected because they are designed to redirect search engine results. This means that, after the user carries out a search on Google, Yahoo, MSN Search, Bing or any other common search engine, a Win32/Redyms Trojan changes the search result links so that they lead the computer user to other websites rather than to the web pages corresponding to the search results. Typically, Win32/Redyms leads computer users to fake search engines designed to display sponsored search results. Inexperienced computer users may think that this is a normal occurrence, meaning that they are more likely to ignore the browser redirect and simply repeat their search on the malicious search engine that appeared as a result of the Win32/Redyms redirect. This exposes the victim's computer to additional malware and also allows criminals to profit greatly from advertising and affiliate marketing links.

Common Ways Criminals Use to Distribute Win32/Redyms Trojans

The most common file download that results in a Win32/Redyms infection is a fake installer for Adobe Flash. This is often downloaded after clicking on a malicious link distributed through social media spam. For example, a link may be passed around on Facebook claiming to lead to a racy video depicting a nude or controversial scene. However, when the computer user tries to watch the video, Win32/Redyms will indicate that Adobe Flash is not installed or claim that it is necessary to update Flash, 'helpfully' letting the computer user download the fake installer directly from the error message or leading the computer user to a phishing website designed to look identical to the Adobe Flash installer download page. Win32/Redyms Trojans are also commonly distributed through attack websites hosting the Black Hole Exploit Kit.

File System Details

Win32/Redyms may create the following file(s):
#   File Name            MD5                               Detections
1.  cbffdbdcaecfead.exe  5fb8983f2c729cb8dd9c2d62ba4d84b0  1
2.  file.exe             685250a844ffda0bd522ef4a3e1fae6e  0
3.  file.exe             0044d66e4abf7c4af6b5d207065320f7  0
4.  file.exe             a647dcd2f7d5d60b4e96c21aa2af1939  0
5.  file.exe             b513c1cd1f6cb11b39276b5eb61877e2  0
6.  file.exe             f4a4f984cdd2687d5d9b741f74cc60a5  0
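As an added example (not code from this page or from the vendor), a small Python scanner that checks a directory tree against the MD5 and file-name indicators listed above. The two-tier verdict (hash match as a strong indicator, name-only match as a weak one, since the generic name file.exe is not worth acting on by itself) and the function names are my own design; any sample directory used to exercise it is constructed.

```python
import hashlib
import os
from pathlib import Path

# MD5 indicators taken from the Win32/Redyms File System Details table on this page.
REDYMS_MD5 = {
    "5fb8983f2c729cb8dd9c2d62ba4d84b0",
    "685250a844ffda0bd522ef4a3e1fae6e",
    "0044d66e4abf7c4af6b5d207065320f7",
    "a647dcd2f7d5d60b4e96c21aa2af1939",
    "b513c1cd1f6cb11b39276b5eb61877e2",
    "f4a4f984cdd2687d5d9b741f74cc60a5",
}
# Only the distinctive file name is used; "file.exe" is too generic to flag on its own.
REDYMS_NAMES = {"cbffdbdcaecfead.exe"}


def md5_of_file(path, chunk_size=1 << 20):
    """Stream the file through MD5 so large files are never read into memory at once."""
    h = hashlib.md5()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def scan_for_redyms(root):
    """Walk `root` and return a list of (path, verdict) pairs.

    verdict is "hash-match" when the file's MD5 is one of the known samples,
    or "name-match" when only the file name matches; a name match with different
    contents deserves a closer look because it may be a repacked variant.
    """
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = Path(dirpath) / name
            try:
                digest = md5_of_file(path)
            except OSError:
                continue  # unreadable or vanished file: skip it rather than abort the scan
            if digest in REDYMS_MD5:
                findings.append((str(path), "hash-match"))
            elif name.lower() in REDYMS_NAMES:
                findings.append((str(path), "name-match"))
    return findings


if __name__ == "__main__":
    import sys
    for path, verdict in scan_for_redyms(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{verdict}: {path}")
```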
