
MyAgent

Posted: August 20, 2012

Threat Metric

Threat Level: 9/10
Infected PCs: 76
First Seen: August 20, 2012
OS(es) Affected: Windows

MyAgent or Trojan.MyAgent is a backdoor Trojan that's currently used for targeted attacks against companies in the aeronautical, chemical, tech and defense industries. MyAgent is distributed by e-mail hoaxes that carry droppers for MyAgent disguised as fake insurance policies and other business documents; in most cases, MyAgent's installer will appear to be a PDF or ZIP file. SpywareRemove.com malware analysts have verified that MyAgent attempts to steal passwords and other types of private information, and MyAgent may also include other functions that are enabled by its C&C server connection. To be certain that all components of a MyAgent infection are deleted, SpywareRemove.com malware researchers recommend that you scan your entire PC with anti-malware tools as necessary, although MyAgent's current infection methods are only applicable to computers with Adobe software (and, in some cases, JavaScript) installed.

MyAgent: the Agent That Has No Problems with False Pretenses for Sabotaging Your PC

E-mail messages including MyAgent file attachments will attempt to portray MyAgent as some form of 'harmless' file format, such as PDF, and observed installers for MyAgent have even been found to launch actual PDF files (such as historical documents entitled 'Health Insurance and Welfare Policy') to serve as distractions from their attacks. MyAgent-related installation files dropped on your PC may also be named to look like Adobe installers – one example is 'Abode32.exe.' The exploits that are used to install MyAgent require the presence of Adobe software, and, in many cases, may be closed by relevant security patches for Adobe Reader and related programs. However, since SpywareRemove.com malware researchers have also noted that MyAgent's installer can reconfigure its exploits based on the circumstances of the attacked PC's software, anti-malware software should also be used to form a second layer of defense against MyAgent installations.

Some variants of MyAgent's installer also require JavaScript, although its use is not obvious (since MyAgent is embedded in the PDF file). MyAgent-related PC threats are, overall, detectable by most anti-malware scanners, although numerous variants have been seen, some of which are better at evading detection than others. SpywareRemove.com malware researchers also note that MyAgent can be considered a relatively advanced backdoor Trojan due to the technical sophistication of its installation process.

What MyAgent's Doing While You're Reading A Little Light History

MyAgent appears to be designed primarily to steal passwords and other confidential information, and MyAgent specifically attempts to plunder the Credentials Store, along with Windows Protected Storage (which stores form-entered passwords that are 'saved' via the AutoComplete settings). As a basic precaution against compromised accounts and related information, SpywareRemove.com malware analysts strongly recommend that you change all important passwords after deleting MyAgent with a choice anti-malware product.

However, MyAgent's attacks can also include other backdoor-related functions, such as installing other PC threats onto your computer or allowing criminals to gain access to your system. Unusually for a backdoor Trojan of its level of sophistication, MyAgent uses hard-coded URLs for its C&C servers, which limits MyAgent's flexibility significantly. Despite this limitation, SpywareRemove.com malware experts and others in the PC security industry have noted numerous variants of MyAgent that are coded to contact separate C&C servers, which gives MyAgent a certain degree of redundancy.

Technical Details

File System Modifications


The following files were created in the system:

File name: ABODE32.exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
