Dr.Web has studied dangerous trojan substituting web pages

28th May 2013 | By Mouseworld Now Correspondent |

Bengaluru, India, May 28, 2013: Dr.WEB, Russian developer of information security software, has studied one of the most widespread threats in April 2013, the Trojan Trojan.Mods.1, formerly known as Trojan.Redirect.140. According to statistics compiled by the curing utility Dr.Web CureIt!, the number of infections with this Trojan represent 3.07% of the total number of detected threats.

Then the dropper saves on the hard drive the main library which injects its code into all running processes on the infected computer but operates only in the processes of the following browsers: Microsoft Internet Explorer, Mozilla Firefox, Opera, Safari, Google Chrome, Chromium, Mail.Ru Internet, Yandex.Browser, and Rambler Nichrome. The configuration file containing all the data needed to run Trojan.Mods.1 is encrypted and stored in the dynamic linking library.

Trojan.Mods.1 is chiefly designed to replace web pages visited by users with malicious web pages by intercepting the system functions responsible for translating DNS names to IP addresses. As a result, instead of the sites they have requested, users are redirected to fraudulent pages where they are asked to enter a mobile phone number and reply to an SMS sent from the short number 4012. If they comply, a certain amount will be debited from their account.

The architecture of Trojan.Mods.1 contains a special algorithm that allows redirection to a certain group of addresses to be disabled.

The signature of this threat has been added to the Dr.Web virus database, so Trojan.Mods.1 does not pose a serious threat to systems protected by Doctor Web products.

 

© Mouseworld Now News Service

Tags: , , , , , , , , ,

Leave your comment

IMPORTANT! To be able to proceed, you need to solve the following simple math

What is 9 + 8 ?
Please leave these two fields as-is:

Mouseworldnow Videos
  • r chandrashekhar president nasscom
  • Anant Maheshwari, President, Microsoft India
  • Suresh_Vaswani-220 by 220

Channel News

  • Cloudera Awards Top APAC Partners at annual Partner Summit more...
  • Rashi Peripherals Bags Indywood IT Excellence Award more...
  • Rashi Peripherals Conducts Multi-City Enterprise Partner Meet more...
  • Second Edition of Annual 4.5G & 5G Innovation Summit concludes on a successful note more...
  • Wydr launches India Wholesale E-Fair more...
Subscribe via email

Enter your email address:

Follow us on Facebook
QUESTION HOUR
What does the mouse ask?

Will the spurt in online video advertisement steal the twinkle from the TV ad platform?

View Results

Loading ... Loading ...
Newsletter Registration