Hiloti Installer Trojan Infection Surging

Researchers at Trusteer a security company state that they've just noted a general type of malware installer, which made its debut during late 2008, getting increasingly widespread as it pulls down additional malicious programs alongside itself. Ihotdesk published this on July 6, 2011.

Trusteer discloses that Hiloti, as the installer is called, characteristically pulls down additional infections like SpyEye and Zeus, causing every type of hazard for computer users from malware to spam.

The security company's researchers elaborate that Hiloti establishes a malevolent DLL within the directory under Windows as well as hijacks a registry also within Windows so it may remain on the infected system when the booting cycle is normal. Moreover, as per the malware directory of Microsoft, the Hiloti Trojan pulls down its tertiary malware programs after connecting with a remotely located Web-server to which it transmits system information.

The contamination thus caused is called Trojan.Zefarch that Microsoft has rated as "severe."

States Microsoft malware directory that the first time Hiloti was traced, it had Win32/FakePowav drop it in cyber-space.

Meanwhile according to Trusteer, topics for the cyber assault aren't those that are randomly chosen, instead they're carefully selected so that revenue generation for the criminals is as expected. And whilst one website serves the purposes of business users, the other allows payments through debit cards, the company indicates.

It (Trusteer) remarked that the cyber assault could largely target corporate accounts because of the extremely high balances they maintain.

States CTO Amit Klein of Trusteer that his company doubts that numerous infections from Hiloti that are possibly from one drive-by download campaign, is currently ongoing after beginning on June 20, 2011.

Citing an UK-prepared infection graph that Trusteer published, the company says the Hiloti infection is happening 2-3 times its earlier volume of contaminations. A fascinating aspect of this infection is that it doesn't seem as affecting USA or other countries, indicating that it's one of those precisely targeted assaults, which jeopardize a UK banking website.

Eventually, for warding off the above kind of assaults, it's recommended that Web-surfers should deploy high-quality security software followed with regularly keeping it up-to-date.

Related article: Health Checks Could Enhance Computers’ Safety

» SPAMfighter News - 7/19/2011