Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Golroted Trojan Repeatedly Attacking SMBs, Finds Quick Heal

According to Quick Heal Technologies, the infamous data stealing Trojan malware 'Golroted' has been found attacking SMBs (small-and-medium sized businesses) more-and-more for filching their monetary related log-in details as well as other secret information.

Following one thorough examination of Golroted from the initial notice of the malware in November 2014, Quick Heal thinks the Trojan's assaults basically occur within Middle East and South-East Asia. The number of contaminated end-users was highest in India at 33% followed with Indonesia (31%) and Thailand (9%).

The examination by Quick Heal reveals that the cyber-crime syndicate responsible for Golroted is executing many bulk e-mail scams which distribute spear phishing messages having files attached containing either zipped archives having keyloggers or exploited Microsoft files. On viewing one of these malevolent attached files, the keylogger garners critical data from the system followed with transmitting the same onto its designated server. This' done via dispatching the data onto the server through e-mail attachments alternatively via posting it onto certain FTP server.

Filched details from victims' PCs consist of end-user's bank details, captured screenshots, login names as well as passwords in addition to the contaminated PC's details.

The malware monitors as well as captures screenshots of websites victims got to, and documents they open that subsequently get uploaded onto its command-and-control server. Moreover, passwords that Golroted records are usually those of social media and e-mail accounts along with financial service and banking portals as well as government-related websites. The passwords also include for A/Cs at major Indian banks as well as of Yahoo, Gmail, Windows Live Mail and Rediff A/Cs. Besides, passwords of PayPal, Paytm and the like online payment websites too figure within the list.

According to Chief Technology Officer Sanjay Katkar at Quick Heal Technologies, in the present time, Golroted like many malware groups are attacking SMBs for capturing their confidential data. Therefore, it's advisable that users adopt sufficient security as well as not use Web-browsers' "Remember Password" option for protecting their passwords, the Officer adds. Ncnonline.net reported this, June 5, 2015.

Eventually, for staying safe from such undesirable malevolent assaults, end-users must make sure their most recent virus databases are up-to-date.

» SPAMfighter News - 6/15/2015

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page