Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


AVG - Infamous Vawtrak Trojan is Spreading Globally

Scoop.co.nz published a report on 25th March, 2015 quoting Jakub Kroustek, Researcher with security firm AVG Technologies, as saying "A new variant of infamous Vawtrak banking Trojan is getting distributed all over the world."

Since last few months, AVG has followed the quick growth of Vawtrak (alias Neverquest or Snifula). Once it has tainted a system, Vawtrak enters into bank accounts when the victim visits his/her account. Moreover, Vawtrak uses the notorious Pony module to steal a wide range of login information.

While Vawtrak Trojans are not new, the researcher highlights the great interest of this particular sample as he singles out the new features analyzed by the security firm.

The features include: Theft of many varieties of passwords used by online users or stored in a local machine; Injection of custom code in web pages displayed by users (this is mainly related to online banking); Surveillance of the user (key logging, capturing video, taking screenshots); Automatic updating; Creating access remotely into a machine of the user.

Now.avg.com reported on 24th March, 2015 stating that if Tor2web is used for security point of view then it can access updated servers which are hosted on the Tor concealed web services without installing high-quality software like Torbrowser.

Furthermore, the communication with the remote server is conducted via SSL adding more encryption.

The register.com published news on 25th March, 2015 quoting Kroustek as saying "sample of latest Vawtrak uses steganography to hide updated files within favicons, small images to add color to website bookmarks and browser tabs, in a different trick which helps to hide the malicious downloads."

Vawtrak is infecting users of banking, gaming and social network mainly across the United States, United Kingdom and Germany. Users in New Zealand, Australia and all over Europe are also affected but to a lesser extent.

The malware tries to disable the antivirus products by permitting the availability of the Software Restriction Policies mechanism on Windows systems. The feature is planned for administrators of network which offers them to have control over the software executed on controlled endpoints.

AVG concludes that Vawtrak is just like a Swiss Army knife for its operators because of its wide range of applications and existing features.

ยป SPAMfighter News - 4/2/2015

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page