Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Fresh Upatre Trojan Phishing scam Attacks Windows XP, says AppRiver

AppRiver the security company recently exposed one fresh phishing scam, which uses the Upatre Trojan, while particularly attacks computers with the Windows XP operating system of Microsoft although the OS is no longer active according to public declaration, at least as per software giant Microsoft.

However, innumerable users continue to utilize the program when online which serves as the key explanation as to why cyber-crooks keep attacking these machines.

And because the OS has no accompanying security patch or other kind of support, it has become an old technology's graveyard and certain town full of ghosts wherein malicious software can move across devoid of being scared of the sheriff.

The new spam outbreak, according to AppRiver, involves an e-mail captioned "Attorney-client agreement." It attempts at duping end-users into viewing attached zipped files piggy-backing on the Upatre.

Security Company AppRiver states that the current outbreak is unlike the spam runs of previous kinds as the zipped file contains 3 arbitrary names that show up differently with each spam message. Consequently, spam filters find it hard to stop inflow of the e-mails on the basis of filenames of the attachments.

Senior Security Analyst Fred Touchette at AppRiver states that the current attack is interesting in that it appears as targeting now obsolete computers. Having executed the Trojan variants onto a few separate operating systems, the malware merely wishes as working malevolently on systems with active Windows XP.

And after the malware is installed and executed, it compromises system processes for invading the PC, examines the IP address of the machine followed with attempting at exchanging messages with the IP address via the port 12299 as well as transmitting the details dug out from the PC like the PC-name and its IP address.

After this, the Trojan appends registry entries. Several such entries halt security certificates while seek to debug tools for disarming the host PC even more.

Touchette elaborates that running Upatre on more fresh systems would result in its shutdown prior to even having an opportunity to run, thus making its existence futile.

Meanwhile, it's expected the XP-targeting Upatre will emerge with more sophisticated editions soon.

ยป SPAMfighter News - 10/8/2015

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page