MSUpdater Trojan
Posted: February 8, 2012
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
Threat Level: | 8/10 |
---|---|
Infected PCs: | 97 |
First Seen: | February 4, 2012 |
---|---|
OS(es) Affected: | Windows |
MSUpdater Trojan is a Remote Administration Tool (abbreviated as RAT) that attempts to steal personal information, upload identifying information to remote servers and create vulnerabilities that can be exploited by hackers. Although similar Trojans have been in distribution for years, MSUpdater Trojan was only recently identified in February of 2012 due to a series of mass-mailed e-mail attacks. MSUpdater Trojan e-mail messages may fake being conference invitations, although the MSUpdater Trojan can easily be identified by its presence as a mislabeled file attachment. SpywareRemove.com malware experts recommend that you delete MSUpdater Trojan with appropriate anti-malware software if you've opened such a file attachment or have any other reason to believe that MSUpdater Trojan might be on your computer; failure to remove MSUpdater Trojan appropriately may result in loss of passwords and other types of sensitive information, in addition to serve as an invitation for hackers to exert control over your PC.
A Tempting Invitation for Your Computer's Doom
As of early February 2012, MSUpdater Trojan has been noted for using e-mail-based attacks to propagate throughout the web; these attacks, like many other Trojan attacks, use PDF file attachments that must be downloaded and opened before the attack can trigger. Being cautious around links and file attachments from unusual sources is the easiest way to avoid a MSUpdater Trojan infection, although once MSUpdater Trojan has been installed, using anti-malware software should be considered the best way to remedy the situation. Current templates for MSUpdater Trojan e-mail messages use the lure of a fake conference for government-associated institutions, with the claim that the recipient's invitation is enclosed in the attached PDF.
The PDF file format is, in fact, central to MSUpdater Trojan's installation, since SpywareRemove.com malware researchers have noted that this file uses Adobe Reader-specific exploits to deliver MSUpdater Trojan. Although these exploits have been patched by Adobe not just once, but multiple times, MSUpdater Trojan's criminal coders have updated the exploit to a fresh zero-day vulnerability after every patch. Hence, although patching your software can help to protect against outdated MSUpdater Trojan attacks, the only defense against a brand-new MSUpdater Trojan attack is to have appropriate security software or to prevent Adobe Reader from being installed on your computer at all. Current exploits trick anti-malware software into treating the MSUpdater Trojan as a normal Windows update, hence the Trojan's name.
The Conference That Takes Everything That Your PC Can Give It
As both a Trojan and a RAT, MSUpdater Trojan uses an outside server to receive its instructions for future attacks and may also use this server to upload stolen information or to download other PC threats. As long as MSUpdater Trojan is on your PC, you should assume that backdoor vulnerabilities are in place that would allow hackers to control your computer, and SpywareRemove.com malware experts recommend that you treat MSUpdater Trojan as a high-level threat until MSUpdater Trojan is removed. MSUpdater Trojan has also been noted to scan for specific files that are likely to contain sensitive information, and you may wish to change passwords and other types of personal credentials after you've deleted the MSUpdater Trojan infection.
MSUpdater Trojan and closely related PC threats may also be identified by a range of different names, depending on the version of MSUpdater Trojan that's involved and the type of anti-malware product that you use to find MSUpdater Trojan. Examples of MSUpdater Trojan's aliases and commonly accompanying Trojans include Trojan.Win32.Scar.cpkp, Backdoor:Win32/Isnup.B, Win-Trojan/Injector.17920.AZ, Mal/Ovoxual-A, Mal/Ovoxual-B, Voronezh.1600.A, Troj/Otlard-A and Trojan-Downloader.Win32.Small.apou.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.