TROJ_NAIKON.A

Posted: April 26, 2013

Threat Metric

The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to give every identifiable malware threat. Our Threat Meter includes several criteria based off of specific malware threats to value their severity, reach and volume. The Threat Meter is able to give you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count, Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic breakdown of how all threats are ranked within our own extensive malware database. The scoring for each specific malware threat can be easily compared to other emerging threats to draw a contrast in its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to remove a threat or pursue additional analytical research for all types of computer users.

The following fields listed on the Threat Meter containing a specific value, are explained in detail below:

Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.

Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.

Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.

Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.

% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.

Threat Level:	9/10
Infected PCs:	9

First Seen:	April 26, 2013
Last Seen:	February 21, 2021
OS(es) Affected:	Windows

Disguised as a fake Internet Explorer file that's installed by an e-mail-distributed Trojan dropper, TROJ_NAIKON.A is a backdoor Trojan that injects itself into the real Internet Explorer's memory process, afterward contacting a C&C server from which TROJ_NAIKON.A can receive attack instructions, upload stolen information or download malicious files. At this time, TROJ_NAIKON.A's C&C server currently is down, limiting the damage that TROJ_NAIKON.A can do to your PC. However, this state of affairs may not remain intact indefinitely, and TROJ_NAIKON.A with access to a functional Command & Control server has the potential to originate an expressive degree of harm to your PC. Given the risk involved, SpywareRemove.com malware analysts encourage taking no chances, and recommend deleting TROJ_NAIKON.A with a powerful anti-malware program whenever you fail to block the initial infection.

How the Consequences of Terrorism Reach Deep into the Web

While TROJ_NAIKON.A has been used in a range of different attacks throughout regions of Asia such as Vietnam, the TROJ_NAIKON.A attack that has gathered the most attention from SpywareRemove.com malware experts involves targeted attacks against American residents. Joining the ignoble ranks of fellow Trojans like WORM_KELIHOS.NB and Trojan-PSW.Win32.Tepfer, TROJ_NAIKON.A is another Trojan to be distributed by e-mail spam messages that claim to offer information related to the recent Boston Marathon bombings. Current templates disguise the Trojan dropper for TROJ_NAIKON.A as a fake 'prayer' file, with the implication being that the victim should open and read the prayer to solace the souls of the dead and their surviving relatives – but, rather than any kind of spiritual source, the actual result is that TROJ_NAIKON.A will be installed on your computer.

TROJ_NAIKON.A's Command & Control server currently appears to be down, but with an active server, TROJ_NAIKON.A can be used for attacks that are typical for Trojans with backdoor capabilities. TROJ_NAIKON.A can install malicious software, steal passwords and similarly sensitive information or change the settings of your PC without your permission, all of which TROJ_NAIKON.A coordinates after TROJ_NAIKON.A injects itself into Internet Explorer's process. These latest attacks also mislabel TROJ_NAIKON.A's executable file to make it look like a component of IE.

Keeping TROJ_NAIKON.A from Riding on the Tail of Tragedy to Your Hard Drive

TROJ_NAIKON.A uses several methods to conceal itself, including encrypting its C&C communications with a SSL protocol. While these features may hinder an analysis by unsophisticated security products, SpywareRemove.com malware researchers hasten to emphasize that a high-quality and updated anti-malware tool shouldn't have any troubles in finding TROJ_NAIKON.A.

Since TROJ_NAIKON.A launches itself automatically, restarting in Safe Mode can be used to alleviate any possible interference with disinfecting your computer. Of course, removing TROJ_NAIKON.A, as always for any kind of advanced malware, should use any reliable anti-malware tools that are available. Deleting TROJ_NAIKON.A appropriately, while not preferable to avoiding its e-mail-based infection in the first place, still is something that should be done quickly to avoid any compromises of your computer's safety or privacy.

TROJ_NAIKON.A

Threat Metric

How the Consequences of Terrorism Reach Deep into the Web

Keeping TROJ_NAIKON.A from Riding on the Tail of Tragedy to Your Hard Drive

Leave a Reply