Bitrix Cautions of Trojan Impersonating Its Security Framework
Bitrix Inc. has cautioned its clients that a Trojan is circulating, while posing as the company's security framework. Moreover, as per its security specialists, the malware is able to filch confidential information like payment card numbers, usernames and passwords from contaminated PCs. Consequently, the specialists accord it the highest possible danger online.
Historically, Trojans are programs that cause destruction after taking the guise of harmless files or software. While, they claim to remove viruses from users' PCs, they themselves install malware on people's systems. Frequently, Trojans imitate a popular and authentic file name alternatively pretend to be a .doc or .jpg file for duping users.
Says Bitrix that the current Trojan has been detected as belonging to its Agent family as also it seemingly disseminates through bulk spam mails along with malevolent web-links. It can also be loaded onto potentially victimized PCs through different disguises like a Bitrix security program or Microsoft's Silverlight.
And when users open the contaminated file, there occurs an automatic installation of the Trojan on their computers via the creation of several files as well as self-registration inside the registry. Thereafter, the malware works actively without drawing notice, recording keystrokes as well as transmitting gathered data onto a remote server. This technique thus enables a hacker to acquire his victim's secret details such as username, password and even payment card details.
But a wary user can detect the Trojan by the "Bitrix Security" folder present inside the directory for software information that carries several supplementary files along with a Dynamic Link Library file named anything say xaukvmm60.dll.
Remarking about the problem, specialists on Internet security stated that though cyber-criminals had exploited updates from Microsoft, Adobe and other leading software companies earlier for concealing their malware, the current incident was the first one where someone had hijacked software of a smaller firm in the manner described.
Hence Bitrix advises that end-users make their anti-virus engines up-to-date as well as verify if their PCs have the malicious Trojan. Besides, security experts too suggest that users make their operating system up-to-date so that their PCs are safeguarded against malware assaults.
» SPAMfighter News - 09-11-2010