News

Shopping season is coming,users should be alert to Trojan Neurevt attack

2013-11-28

   Due to coming shopping season, criminals’ eye on some chances to some crime. Recently Baidu Antivirus has captured a new commercial Trojan named "Beta Bot" (Trojan.Win32.Neurevt.45) and multiple variants, Neurevt ranked TOP in the Baidu Antivirus Virus TOP list, and variants rapidly. 

   It is reported Neurevt first began in January of this year, its main function is to steal the users’ FlashFXP or FTP account and password;collect account information and contact list in software such as Skype; and disable security software function for longer retention in users’ computer, itis intended to control the users’ computer through remote command (run files,upload private data etc.).

   Baidu security experts warn the users said: Neurevt can download any files from a remote server, means that hackers can send any typeof Trojan to user computer according their needs, such as bit coin Trojan,Facebook Trojan, even the Trojan of online payment. Currently Baidu Antivirus givesa real-time protection to prevent Neurevt Trojan from attacking the computer. Were commend the users to download the latest version of Baidu Antivirus and open real-time protect function, to avoid the computer being controled by Neurevt.

   Baidu security expert analysis shows that Neurevt hasthree characteristics:

 

   First of all, safety protection FortNeurevt will stop the service of safety protection programs, all kinds ofsecurity software popular are likely to be attacked, security softwares relatedlist as follows:

   Symantec,Windows Defender,BitDefender,TrendMicro,McAfee,Sophos,AhnLab,GData,Kaspersky,ArcaBit,Avira,Webroot,ZoneAlarm,F-secure,PandaCloud,Bkav,Nod32,Ad-Aware,BullGuard,Rising,avast,PC Tools,Panda Internet Security,AVG,VIPRE,F-Prot, K7,IKARUS,Norman,,CA,Emsisoft,Comodo,Malwarebytes

 

   Secondly,it will hack a variety of users’ privacy data and upload to the hackers’ server

1. Steals computer and account details

   Thistrojan steals any stored user names and passwords, servers, and port connections from the following FTP programs, if they are installed in your computer:

   "CoreFTP,FileZilla,FlashFXP,FTPCommander,Putty,SmartFTP,WinSCP"



2. It might also steal your account details and contacts list from the following programs

 

   "Skype,League of Legend,Blizzard Entertainment"

 

3. It might also steal information about your computer, suchas:

 

   Operating system,Currently logged on user,Software installed in your computer,especially security software

 

   Finally, theywill control users’ computer to command through the cloud server.   Once connected, a remote attacker can do the following to your computer:

 

   (1) Download and run arbitrary files

   (2) Upload files

   (3) Send its stolen data

   (4) Spread through removable drives

   (5) Start or stop programs

   (6) Unintall

 

   Skype:baiduantivirus@hotmail.com

   Facebook:https://www.facebook.com/BaiduAntivirusEN