HOT LINE 1654

Alerts

Trojan spreads via emails of internet-stores

05 Sep 2014

International company Eset (Slovakia) warns users about new Trojan, which is spread in under cover of emails from internet-stores.  

Malware is spread in spam distribution. In the email body it is said that user successfully placed an order, and details can be seen in the attached file. In fact it includes exe-file with malware, which is detected with ESET NOD32 as Win32/TrojanDonloader.Elenoocka.

 

After installation on the victim’s computer Trojan downloads from the Internet other malicious programs. Elenoocka code includes six URL-addresses for file download, and include Kryptik family Trojans.

Win32/Kryptik.CKEY  creates malicious files, hides them among system files and opens access to other malware for infection. Also Kryptik victims can be a part of botnet.

Eset’s virus analytics recommend users not to open attached files in unrequested emails and regularly scan computers with antivirus program.