Explore the latest news and trends  

Sign up for our weekly security newsletter


Be the first to receive important updates on security





Send

New Edition of Kovter Malicious Program Pretends to be Firefox Update


The Kovter group of malicious programs now has one fresh variant. This variant pretends to be Firefox update while utilizes one genuine certificate. Users who proceed to download the update would actually be taking down Kovter. The discoverer of this variant is Barkly a cyber-security company which detected the malware several weeks back at the time it was infecting clients of the firm.

Barkly researchers on investigating further found that they had really detected one fresh malware strain which didn't just include the most recent Kovter variant without any filename, but also had one genuine certificate from Comodo that would aid the variant bypass the infected PC's anti-viruses.

The malware confronts potential victims in the form of one Firefox update; however, it carries out its usual Kovter sinister operations like executing click-fraud attacks, planting Trojans that are remotely accessible, and installing ransomware. Scmagazine.com posted this, July 7, 2016.

Kovter whose existence has been continuing from 2014 mostly acted to execute ad fraud, quietly opening advertisements as the victim operated his PC.

The real procedure for infecting involves Powershell scripts that inserts into the device a shellcode, acquires persistence despite repeated booting, followed with getting the malware to work. Barkly has brought the maliciously working certificate into the notice of Comodo in anticipation of its withdrawal.

In January 2016 when the latest Kovter distribution technique hadn't still started, Forcepoint saw criminals employing Kovter for turning victimized users into proxies within one global Internet proxy network. Thereafter, during April, Kovter's creators incorporated one ransomware strain into their ware package that however couldn't attain much success in comparison with other ransomware groups namely Cerber, CryptXXX, or Locky.

Kovter, down the year long periods, has continuously developed, at times into strange directions; however, the latest development has taken it somewhat ahead of security software. It's simply one more of those variants, while expectedly fresh ones may arrive during the forthcoming months.

Users are recommended not to load Firefox editions which arrive on their PCs from nowhere. It's better to visit the Firefox authorized site; the update tool built into their browsers; or download mirrors of Softpedia for acquiring fresh editions.

» SPAMfighter News - 7/12/2016

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page
Next