Softpedia
 

NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>
TRENDING TODAY
Home > News > Tags > Trojan

Stories about: Trojan


More: next 50 >>

Cybercriminals Combine Trojans and Phishing to Empty Bank Accounts of Chinese Users

China is often appointed as being the bad guy of cyberspace, but the country is also a tempting target for cybercriminals. For instance, last year, losses of over $12.5 billion (€9.6 billion) were reported as a result of telecom fraud. Recently, Kaspersky experts were called in by the Beijing Public Security B...

13 May 2013
03:57 GMT

Vernot Trojan Avoids Detection by Using Blogging Platform for C&C Communications

One of the best ways for pieces of malware to avoid being detected by security solutions is to rely on legitimate applications and services to perform their malicious tasks. One perfect example is the Vernot Trojan. Trend Micro has analyzed a new variant, BKDR_VERNOT.B, which relies on a Japanese blogging platform f...

24 April 2013
09:23 GMT

Trojan Downloader Nenim Deletes Components to Prevent Analysis

Researchers from Microsoft’s Malware Protection Center have analyzed a clever Trojan downloader dubbed TrojanDownloader:Win32/Nemim.gen!A. Once it infects a computer, the downloader retrieves two component files: Virus:Win32/Nemim.gen!A and PWS:Win32/Nemim.A. The first component is a file infector that&rsquo...

15 April 2013
14:01 GMT

Shakespearian Banking Trojan Shylock Starts Targets New Countries, New Sectors

Shylock, the banking Trojan whose names stems from Shakespeare's “The Merchant of Venice,” is constantly being improved by its developers. According to Symantec, cybercriminals have started adding some interesting new features. The latest variants of the Trojan rely on complementary modules to enhan...

5 April 2013
18:21 GMT

APT.BaneChant Trojan Used to Target Middle East and Central Asia Governments

Trojans that analyze mouse clicks in an effort to evade sandbox environments have become more and more common. Researchers from security firm FireEye have uncovered a new piece of malware that incorporates improved mouse click detection capabilities. According to experts, the malware, Trojan.APT.BaneChant, is distri...

4 April 2013
06:50 GMT

Android Trojan Used in Attacks Against Tibetan and Uyghur Activists

Over the past months, we’ve seen numerous cyber espionage campaigns that targeted Tibetan and Uyghur activists. However, up until now, the attackers used malicious elements designed to function on Windows and Mac platforms. Kaspersky experts have identified a new attack that relies on a malicious Android appli...

26 March 2013
11:36 GMT

New Trojan Variant Distributed with Fake “ATTN: ADP Payroll Invoice” Emails

Bogus ADP Payroll Invoice emails, purporting to come from “ops_invoice@adp.com,” are utilized by cybercriminals to distribute a new Trojan variant. “Your ADP Payroll invoice for last week is attached for your review. If you have any questions regarding this invoice, please contact your ADP service ...

22 March 2013
15:41 GMT

Apple Updates Xprotect.plst to Block OSX.AdPlugin.i Trojan

Apple has updated the Xprotect anti-malware mechanism in OS X to thwart a recently discovered Trojan dubbed “OSX.AdPlugin.i,” which disguised itself as a browser plugin in an effort to inject advertisements into the websites visited by the user. As the screenshot above shows, Apple has updated the Xprote...

22 March 2013
10:38 GMT

New Yantoo Mac Trojan Uses Browser Plugin to Inject Ads into Websites

Researchers from security firm Doctor Web have uncovered a new Mac Trojan that’s designed to inject advertisements into the websites visited by the user, allowing cybercriminals to make a profit via affiliated ad network programs. The malware, dubbed Trojan.Yahtoo.1, is distributed on bogus movie trailer pages...

21 March 2013
09:15 GMT

Trojan Signed with Valid Digital Certificates Targets 23 Brazilian Banks

Security firm Avast has published a report on an interesting banking Trojan that’s currently targeting the customers of 23 financial institutions and 5 e-commerce systems from Brazil. Despite the fact that the malware is not very sophisticated, it is highly efficient at making money for the cybercriminals that...

20 March 2013
08:41 GMT

Fake MSN Messenger Installers Show Up on Google

Microsoft has already announced its plans to discontinue MSN Messenger and move all users to Skype, so cybercriminals moved quickly to try to exploit this decision. Fabio Assolini of Kaspersky Labs warns that some websites are now delivering fake MSN Messenger installers, especially because it’s very hard to f...

19 March 2013
18:01 GMT

Fake DHL Express Shipment Notifications Used to Spread Malware

Sophos experts warn users about fake “Express Shipment Notifications” purporting to come from DHL Express International. The malicious emails are designed to trick users into opening an attachment that contains a piece of malware. The archive that’s attached to the messages hides a Trojan horse ide...

19 March 2013
15:31 GMT

AVG Anti-Virus Breaks Down Windows XP Due to False Positive

The popular AVG Anti-Virus software incorrectly flagged a vital Windows system file as Trojan horse, causing a failed boot in case the user opted to remove the “infection.” According to an official post by the company, the anti-virus application identified the wintrust.dll Windows system file as Generic3...

15 March 2013
03:40 GMT

Bogus Atlantic Hotel Reservations Carry Malware

Internet users are advised to avoid opening unsolicited emails that appear to originate from Atlantic Hotel.  Sophos experts report that the emails, entitled “Fw: Atlantic Hotel,” appear to originate from an atlantic-hotel.uk.com address, which is the hotel’s genuine domain. “Further t...

14 March 2013
16:31 GMT

ArchiveLock Trojan Uses WinRar to Encrypt the Files of Users from Spain and France

Doctor Web experts have identified a new Trojan campaign that’s mainly targeting users from France and Spain.  The malware, Trojan.ArchiveLock, spreads via brute-force attacks against the RDP protocol. Once it infects a computer, the threat copies the console version of WinRar into a local folder, empties...

14 March 2013
10:52 GMT

New Trojan Bypasses OS X Gatekeeper

A newly emerged backdoor, which security firm Intego deems as pint-sized, recently targeted (and hacked computers at) Apple, Twitter, Facebook and Microsoft. Investigations have confirmed that the same Trojan was able to bypass Apple’s OS X Gatekeeper protection. Intego reported in February that the threat &ld...

12 March 2013
09:31 GMT

German Users Warned of Fake “First Class Zollservice” Emails

Internet users from Germany are advised to beware of emails that purport to come from a shipping company called First Class Zollservice. Entitled “Luftfrachsendung AWB,” which means “Airfreight shipment AWB,” the emails attempt to trick users into opening an attachment called “AWB-Avis ...

8 March 2013
10:22 GMT

Bogus Electronic Federal Tax Payment System Notifications Spread Malware

MX Lab is warning internauts about malicious emails purporting to come from the US Electronic Federal Tax Payment System (EFTPS). Entitled “EFTPS: Company Tax Payment Batch Has Been Rejected,” the emails inform recipients that their payments have been rejected. Users are instructed to download an attache...

7 March 2013
16:41 GMT

Minecraft Password Stealer Emerges – Trojan Also Targets OS X

Mac security specialist Intego reports on the emergence of a new cross-platform Trojan that also affects Mac users and targets Minecraft gamers in particular. The malware is said to steal passwords. Intego reports, “A new multi-platform Trojan that affects OS X and Windows has been discovered.” “T...

6 March 2013
05:57 GMT

Malware Alert: ADP TotalSource Automated Payroll Invoice Notification

MX Lab experts are warning users to be on the lookout for bogus ADP TotalSource notifications designed to distribute a piece of malware. Apparently originating from “totalsourceautomation@adp.com,” the emails bear the subject “ADP TotalSource Automated Payroll Invoice Notification.” The .zip...

5 March 2013
05:38 GMT

Fake Adobe Flash Player Websites Distribute Ransomlock Ransomware

In many cases, cybercriminals distribute ransomware – the threats that lock your computer’s screen and hold it that way until you pay a “fine” (or clean your device with an antivirus) – via adult websites. However, they also use numerous other techniques to spread their creations. Syman...

28 February 2013
04:45 GMT

New Trojan Targets Macs, Apple’s XProtect Doesn’t Detect It

Mac security firm Intego reports on the emergence of a new Trojan targeting Macs. The “pint-sized” malware, although minor, is fairly efficient, according to the security company based in Austin, Texas. “A new backdoor which affects OS X has been announced to an AV industry mailing list. Details ar...

20 February 2013
05:27 GMT

Reveton Ransomware Still Distributed via Cleverly Designed Emails, Despite Arrests

Last week, we learned that Spanish police in collaboration with Europol arrested 11 individuals suspected of being involved in the development and the distribution of the notorious Reveton ransomware. Despite the arrests, Internet users are still targeted with malicious emails designed to spread the threat. Avira ...

18 February 2013
04:59 GMT

Improved Version of POS Malware Capable of Directly Exfiltrating Data

Malware families designed to steal data from Point of Sale (POS) systems have become highly problematic, and experts warn that cybercriminals are continually working on improving their creations. Sophos experts have taken another look at Troj/Trackr-Gen, a Trojan that has mainly been spotted on the computers of hosp...

16 February 2013
03:51 GMT

Cybercriminals Hide Their Malicious Code by Injecting It into JavaScript

Security researchers from Sophos say that cybercriminals are using a clever tactic to hide their pieces of malware on legitimate websites. They’re injecting their malware into JavaScript code that’s hosted on the site. The malicious code inherits the reputation of the legitimate JavaScript and the main w...

13 February 2013
08:57 GMT

Cybercriminals Use ZeuS Trojan Against Customers of Japanese Bank

The notorious ZeuS banking Trojan has been around for quite some time now, aiding cybercriminals in stealing the personal and financial details of users whose computers it infects. However, up until recently, the threat hasn’t been used against internauts from Japan. It’s uncertain why banking Trojans ha...

12 February 2013
04:52 GMT

Brazilian Banking Trojan Disguises Itself as Avast! Antivirus

A lot of interesting things are happening in Brazil these days, at least as far as malware research is concerned. Earlier today, we learned of a Trojan that used valid digital certificates and now we find out there’s a threat which disguises itself as Avast! Antivirus. The banking Trojan, developed in Delphi, ...

6 February 2013
08:15 GMT

Trojan Nap Employs Extended Sleep Calls to Avoid Detection

FireEye experts have analyzed a Trojan which employs some interesting techniques in order to hide itself and the identity of its master.  Dubbed Trojan Nap, the malware relies on extended sleep calls to evade automated analysis systems and uses the fast flux technique to ensure that the attacker’s identit...

6 February 2013
03:28 GMT

Bogus FedEx Parcel Delivery Notifications Spread Smoaler Trojan

Symantec has issued an alert regarding fake FedEx parcel delivery notifications designed to distribute a piece of malware identified as Trojan.Smoaler. All the malicious emails are identical, except for the fact that they appear to come from different services and they carry different order IDs. When users cli...

30 January 2013
18:31 GMT

Chinese Cybercriminals Used Banking Trojan to Steal Money from e-Commerce Users

Last year, Chinese authorities arrested several individuals believed to be involved in a cybercriminal scheme that targeted the bank accounts of e-commerce users. Initially, police caught two of the group’s members, but after interrogating them, they learned that the gang comprised 58 individuals. 41 of them ...

30 January 2013
14:21 GMT

Hackers Use Brazilian Nightclub Fire to Spread Trojan Horse

A couple of days ago we learned that over 230 people died in a fire at a popular nightclub in Santa Maria, Brazil. Cybercriminals are leveraging the incident in an effort to distribute a Trojan Horse. Symantec experts have identified emails written in Portuguese, which promise recipients a video of the tragedy. Th...

30 January 2013
07:13 GMT

Cybercriminals Use Citadel Malware to Target Canadian Banks and POS Devices

A new variant of the notorious Citadel crimeware kit has been spotted on the systems of Canadian financial institutions and a company that uses point of sale (POS) devices to process payments. Experts from security firm Sophos say that the cybercriminals behind this particular variant are using different tactics tha...

29 January 2013
08:11 GMT

Cybercriminals Use Anti-Spam System for Communication Between Malware and Server

Cybercriminals are coming up with new ways to ensure that the malware they create can communicate with command and control (C&C) servers. Symantec experts found that they’ve started using the Sender Policy Framework (SPF) to maintain a solid connection between the malicious element and the C&Cs. SPF, an email ...

26 January 2013
06:42 GMT

Exprespam Android Malware Might Have Infected Thousands of Smartphones

The Android malware identified as Android.Exprespam has only been around for a few weeks. However, experts say that it might have already infected thousands of devices. According to calculations made by Symantec researchers, the fake market which serves Exprespam, Android Express’ Play, has been visited 3000 t...

24 January 2013
11:04 GMT

“Confidential Message to All Employees” Apparently Sent via DocuSign Carries Malware

Office workers are advised to be on the lookout for emails that appear to carry a confidential message to all employees. Experts say that these notifications are designed to spread a piece of malware capable of  stealing user passwords. Entitled “To all Employees – Confidential Message,” the b...

22 January 2013
17:01 GMT

German Users Warned About Fake Trojan-Spreading Lufthansa Emails

Security experts warn German users to be on the lookout these days for bogus notifications apparently coming from the country’s largest airline, Lufthansa. “Falls Sie diese Reiseinformation nicht oder nur teilweise lesen konnen, offnen Sie bitte die angehangte PDF-Version. Bitte antworten Sie nicht auf d...

22 January 2013
13:41 GMT

Spam Alert: Fake Europcar Invoices Carry Trojan

Security experts from SophosLabs warn users that a new spam campaign has been launched. The emails appear to come from car rental company Europcar and they’re designed to spread a Trojan. The notifications, entitled something like “Europcar Invoice 0985435234,” read: “Please find your Invoic...

16 January 2013
15:51 GMT

Massive Android Botnet Affects over 1 Million Chinese Users

A piece of mobile malware believed to be hidden in around 7,000 Android applications has infected the devices of over 1 million users from China. Experts say that this may be the largest Android botnet the country has ever seen. According to Chinese publication Xinhua, the Trojan that powers the botnet is Android.Tr...

16 January 2013
05:31 GMT

Fake LinkedIn Notifications from Connections Lure Users to Malware, Phishing Sites

Bitdefender warns users about a LinkedIn spam campaign that’s designed to lure victims to malware-serving or phishing websites. Experts believe that cybercriminals are relying on the fact that after the holiday break, many people are eager to strengthen their professional connections, so they might rush to cli...

10 January 2013
14:21 GMT

Bogus Pixmania Gift Voucher Emails Carry Trojan

Emails entitled “Pixmania.com gift voucher code,” apparently coming from Pixmania.com – the popular e-commerce website – are being used to distribute malware. Experts from MX Lab warn that the zip files attached to the bogus messages contain a 122KB file called voucher.scr. The file appears ...

10 January 2013
06:59 GMT

December 2012 VIPRE Report: Mobile Trojan and Spam Campaigns

GFI Software has released its VIPRE Report for December 2012. According to the report, the most prevalent threats were mobile Trojans masqueraded as Android apps hosted on fake Google Play sites, and spam campaigns targeting Amazon, LinkedIn and PayPal customers. Malware-spreading campaigns that leveraged the BlackH...

8 January 2013
16:51 GMT

Cybercriminals Use Stabuniq Malware to Collect Data from US Financial Institutions

Over the past year, a malware identified as Trojan.Stabuniq has been spotted in the networks of several United States organizations, particularly financial institutions such as banks and credit unions. Symantec experts have analyzed this threat and they believe that the cybercriminals might be using it to target sp...

21 December 2012
04:03 GMT

Cybercriminals Use Android Malware to Create SMS Spam Botnet, Experts Find

Cybercriminals are using an Android Trojan masqueraded as popular games and applications to create a SMS spam botnet. Security experts from Cloudmark have found an Android Trojan disguised as various games – such as Need for Speed Most Wanted, Angry Birds Star Wars, Grand Theft Auto 3 or Max Payne HD – b...

19 December 2012
04:00 GMT

Upclicker Uses Left Mouse Button to Execute Malicious Code When No One Is Looking

Experts have identified a Trojan that relies on a mouse hooking function to evade sandbox environments. Cybercriminals are aware of the fact that automated analysis systems don’t use the mouse, so they’ve developed their creations so that they step into play only when mouse movement is detected. The Tr...

14 December 2012
10:31 GMT

Crooks Rely on Carberp-in-the-Mobile to Access Bank Accounts of Russian Users

ZeuS-in-the-Mobile (ZitMo) and SpyEye-in-the-Mobile (SpitMo) are not the only pieces of malware used by cybercriminals to gain access to the bank accounts of users. Recently, they’ve started relying on the mobile version of Carberp. While ZitMo and SpitMo have mainly been seen targeting the users of European c...

14 December 2012
09:15 GMT

Apple Updates Xprotect Malware Definitions to Detect SMS Trojan

A first-of-its kind piece of malware targeting Macs, Trojan.SMSSend.3666, a fake-installer Trojan for Mac OS X was recently discovered by Russian security firm Dr. Web and subsequently patched by Apple via an update to the Xprotect malware definitions inside each Mac. Apple has issued a background update (so to spea...

13 December 2012
15:41 GMT

Citadel Trojan Kit Gradually Withdrawn from Underground Forums, RSA Says

After learning that the developers of the Citadel Trojan are planning to stop selling their creation to anyone outside their circle of trust, RSA has been continually monitoring the evolution of this topic. Now, they reveal that the Citadel masterminds are keeping their promise. Over the past weeks, Citadel Trojan k...

12 December 2012
09:36 GMT

Security Firm Identifies First Fake Installer Trojan for Macs

Fake installers have been around for quite some time now, but so far, they’ve only targeted Windows users. Now, researchers from security firm Doctor Web have identified a variant that’s designed for Mac OS X. Dubbed Trojan.SMSSend.3666, the malicious element disguises itself as an installer for a popula...

12 December 2012
03:47 GMT

How Online Bank Robberies Work – Infographic

Experts from security firm F-Secure have published a highly interesting infographic to show less techie users how cybercriminals manage to gain access to our bank accounts and steal our money. Cyber bank robberies affect all of us and anyone can become a victim of such crimes. In 2010, the US FBI investigated a tota...

7 December 2012
13:11 GMT

Malicious FedEx Postal Receipts Hide Cobra Trojan

Experts from a couple of security firms have identified a spam campaign that relies on fake FedEx notifications to distribute a piece of malware. “Dear Customer, Your parcel has arrived at the post office at December 4.Our postrider was unable to deliver the parcel to you. To receive a parcel, please, go to th...

6 December 2012
08:25 GMT


More: next 50 >>

WindowsGamesDriversMacLinuxScriptsMobileHandheldNews

SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   UPDATE YOUR SOFTWARE   |   ROMANIAN FORUM