
TROJ_ARTIEF.LIN

Posted: March 1, 2012

Threat Metric

Ranking: 3,731
Threat Level: 2/10
Infected PCs: 4,581
First Seen: March 1, 2012
Last Seen: October 16, 2023
OS(es) Affected: Windows

TROJ_ARTIEF.LIN is a Trojan dropper that's distributed via file attachments from spam e-mail messages, with recent attacks being themed around NBA player Jeremy Lin and the accompanying 'Linsanity' phenomenon. Since TROJ_ARTIEF.LIN's disguise involves a fake .doc file type and opens an actual document file as a distraction, victims of TROJ_ARTIEF.LIN infections may not even be aware that they've been attacked. SpywareRemove.com malware researchers have observed that TROJ_ARTIEF.LIN installs backdoor Trojans that can allow criminals a certain level of control over your PC, with TROJ_ARTIEF.LIN's attacks being focused on Tibet and some former Soviet Union regions. If you suspect that your PC has been infected by TROJ_ARTIEF.LIN, the ideal course of action is to scan your computer with anti-malware software that is capable of removing TROJ_ARTIEF.LIN and its payload before hackers are able to take advantage of your computer's vulnerability.

How a News Document Leads to Attacks with TROJ_ARTIEF.LIN

High-profile TROJ_ARTIEF.LIN attacks are noted to confine themselves to fake e-mail messages that include Word document attachments, although other methods of TROJ_ARTIEF.LIN distribution may also exist. TROJ_ARTIEF.LIN e-mail messages gain your trust by claiming to offer information about sports star Jeremy Lin, and recommend that you open the included file attachment for more info. As long as you delete this e-mail without opening its attachment, your PC should be safe from TROJ_ARTIEF.LIN. However, as soon as you make the mistake of reading the included document file, your PC will come under attack by TROJ_ARTIEF.LIN.

Cleverly, TROJ_ARTIEF.LIN will open an actual document as a decoy while it continues to attack your PC by exploiting a stack buffer overflow flaw in Microsoft Word (labeled as CVE-2010-3333) to install a backdoor Trojan, BKDR_MECIV.LIN. The decoy document itself isn't malicious and will not trigger anti-malware programs, although TROJ_ARTIEF.LIN may cause alerts if your anti-malware software is active during its installation. Since TROJ_ARTIEF.LIN uses Word-based vulnerabilities to attack your PC, SpywareRemove.com malware experts also note that you can render your PC invulnerable to TROJ_ARTIEF.LIN's attacks by simply not having that application installed.

How to Deal with TROJ_ARTIEF.LIN's Own Brand of Linsanity

Backdoor Trojans like that which is included in TROJ_ARTIEF.LIN's payload can allow criminals to steal personal information, control your computer's actions for malicious purposes, install other PC threats or make undesirable changes to your security settings. TROJ_ARTIEF.LIN has also been found to send identification-related data to a server that may be used to assist in remote attacks. SpywareRemove.com malware experts recommend that you treat any chance of a successful TROJ_ARTIEF.LIN attack as a potentially serious threat to your PC.

Although manual removal techniques are inadvisable, TROJ_ARTIEF.LIN and its payload are both easily removable by suitable anti-malware products. Since TROJ_ARTIEF.LIN was designated as a PC threat in mid-February of 2012, SpywareRemove.com malware analysts recommend that you install any available patches for your anti-malware scanner's threat database before you try to find and delete TROJ_ARTIEF.LIN with it.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



File name: %User Temp%\{RANDOM CHARACTERS}.doc
Mime Type: unknown/doc
Group: Malware file

File name: %User Temp%\{RANDOM CHARACTERS}.exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
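
Because both dropped files carry random names, a name-based indicator is of little use; the pattern worth hunting is one process writing a .doc and an .exe into the user's Temp folder within moments of each other. The following is an added detection sketch, not part of the original write-up or any vendor tool. The event tuple layout, the sample events, the 30-second window and the function name find_dropper_pairs are all assumptions made for illustration.

```python
import ntpath
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed file-creation events: (timestamp, creating process, path).
# Layout and values are made up for this example, not taken from a real host.
SAMPLE_EVENTS = [
    ("2012-03-01T09:14:02", "WINWORD.EXE", r"C:\Users\alice\AppData\Local\Temp\kq3x9a.doc"),
    ("2012-03-01T09:14:03", "WINWORD.EXE", r"C:\Users\alice\AppData\Local\Temp\zt7m2p.exe"),
    ("2012-03-01T10:30:00", "WINWORD.EXE", r"C:\Users\alice\Documents\report.doc"),
    ("2012-03-01T11:00:00", "setup.exe", r"C:\Users\alice\AppData\Local\Temp\installer.exe"),
    ("2012-03-01T12:00:00", "WINWORD.EXE", r"C:\Users\bob\AppData\Local\Temp\notes.doc"),
]


def find_dropper_pairs(events, window=timedelta(seconds=30)):
    """Return (process, doc_path, exe_path) for every .doc/.exe pair that a
    single process created in the same Temp directory within `window`."""
    groups = defaultdict(lambda: {".doc": [], ".exe": []})
    for stamp, process, path in events:
        folder = ntpath.dirname(path)  # ntpath parses Windows paths on any OS
        ext = ntpath.splitext(path)[1].lower()
        # Only files written directly into a folder named Temp are of interest.
        if ntpath.basename(folder).lower() != "temp" or ext not in (".doc", ".exe"):
            continue
        when = datetime.fromisoformat(stamp)
        groups[(process.lower(), folder.lower())][ext].append((when, path))

    hits = []
    for (process, _folder), files in sorted(groups.items()):
        for doc_time, doc_path in files[".doc"]:
            for exe_time, exe_path in files[".exe"]:
                if abs(exe_time - doc_time) <= window:
                    hits.append((process, doc_path, exe_path))
    return hits


if __name__ == "__main__":
    for process, doc, exe in find_dropper_pairs(SAMPLE_EVENTS):
        print(f"suspicious drop by {process}: {doc} + {exe}")
```

A hit where the creating process is a word processor deserves the closest look, since a document viewer has no ordinary reason to write an executable next to a document it just opened.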

Additional Information

The following URLs were detected:
freegiveawaystodayonly.com