Computer Users Warned of Dangerous ‘Matcash’
Aurelija, an independent security professional, made a post to the PC1news blog on August 31, 2009 and warned that Trojan Downloaders represented true dangers to end-users' computers.
To prove her observation, the blogger cites a malicious Trojan program namely 'Trojan.Downloader.Matcash' detected by Webroot (an online security company). This malicious Trojan bombards computers with numerous other malicious programs.
Aurelija explains that Matcash enters an end-user's computer through spam mails, malicious files, and/or fake downloads to weaken the system's security that subsequently allows huge volumes of other malware to creep in. This indicates that any system once infected by Matcash can be attacked with a whole lot of other harmful programs as well.
Furthermore, Matcash can manipulate a user's network so that the infected system becomes accessible to a remote hacker who may steal personal data from it. Indeed, Matcash's infection might even severely slow down the end-user's Internet connection or make it inoperable in certain instances. The malware has a host of harmful and unique files associated with it such as gadcom.exe, Svconr.exe, Sakora.exe, b147.exe and MapEDC.exe, among others.
The Trojan is referred to with many other names given by various security companies. While the security firm 'BitDefender' calls it Trojan.Matcash.DLO, and Trojan.Generic.1215518, AVG names it Downloader.Agent.VUL, Downloader.Agent.ACTL, Agent.AOEW and SHeur2.MR.
Another notable fact about the Trojan is that it has attacked United States the most, with as many as 74,654 estimated detections. Other countries following the US are China (55,976), Japan (35,268), India (34,158) and Brazil (24,684). The Trojan has also largely attacked France, Germany, Italy, UK and Russia.
Aurelija along with other security specialists said - since 'Matcash' is a very critical threat, users must reset their passwords post cleaning the malware off their systems. Further, if any Matcash-infected user conducts online banking, then he should also reset his bank and credit card account numbers after the malware's removal. It is also recommended that users should monitor their bank and credit card statements for the successive number of months to check for possible fake transactions in case the Trojan infects their systems.
Related article: Computer Virus Writers Adopt New Strategy
» SPAMfighter News - 18-09-2009