TSPY_FAREIT.SMC
Posted: October 17, 2012
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
Threat Level: | 9/10 |
---|---|
Infected PCs: | 63 |
First Seen: | October 17, 2012 |
---|---|
OS(es) Affected: | Windows |
TSPY_FAREIT.SMC is a Trojan downloader that installs variants of Zeus spyware onto the affected computers. TSPY_FAREIT.SMC's payloads then proceed to steal confidential information, with an emphasis on e-mail addresses, passwords, bank account information and cookie-stored data. Even by itself, TSPY_FAREIT.SMC has been found to be able to steal account and login information for various file managers and FTP clients. The latest TSPY_FAREIT.SMC attacks, as analyzed by SpywareRemove.com malware experts, utilize e-mail spam messages that encourage victims to download TSPY_FAREIT.SMC as a fake update for Adobe Flash. Given the advanced and incredibly invasive nature of TSPY_FAREIT.SMC's payload, it's highly encouraged that you avoid infections in the first place, but advanced anti-malware products can be used to remove TSPY_FAREIT.SMC and its Zeus Trojans if this is necessary.
TSPY_FAREIT.SMC and the Business Transaction that Definitely Should Be Left Waiting
Like many other PC threats, strategies for distributing TSPY_FAREIT.SMC use e-mail spam, but SpywareRemove.com malware researchers have noted two separate templates being used for TSPY_FAREIT.SMC's e-mail messages. One e-mail for TSPY_FAREIT.SMC attempts to trick victims with a fake PayPal transaction notice, while a second e-mail uses a fake WebEx conference invitation. In either case, clicking on the provided link will take you to a fake update page for Adobe Flash.
SpywareRemove.com malware researchers emphasize that this fake Flash web page has been designed to look nearly identical to that of the normal update page for Adobe Flash, including Adobe's characteristic drop-down menu. However, if you try to update Flash, your PC will, instead, be infected with TSPY_FAREIT.SMC.
Besides conducting its own attacks, TSPY_FAREIT.SMC also installs one of two other PC threats: TSPY_ZBOT.LAG or TSPY_ZBOT.AMM. These variants of the well-known Zeus spyware are designed to target and steal bank account information, even though SpywareRemove.com malware analysts also notice that FTP client data and other types of sensitive information are also at risk from attacks by TSPY_FAREIT.SMC and its payload.
Making Sure Your Account isn't TSPY_FAREIT.SMC's Next Victim
Because TSPY_FAREIT.SMC's latest attacks have coincided with a recent Adobe Flash update, you should be particularly careful to avoid installing Flash updates from dangerous sources. Always navigate to the desired site for updates without using potentially-compromised links or other sources that are often used for malware distribution.
A successful TSPY_FAREIT.SMC infection has a very high chance of stealing many different passwords and login names from your computer. After you've used anti-malware products to alleviate the TSPY_FAREIT.SMC infection, you should strongly consider changing all important passwords to prevent criminals from hijacking your accounts.
SpywareRemove.com malware analysts also mention that having strong passwords, first of all, is a fine idea to fight TSPY_FAREIT.SMC, which also contains brute-force-based password-cracking attacks that could be used to compromise password-protected resources. Since this method uses a preset list of easily-guessed password combinations, the stronger your password is, the safer your PC is from TSPY_FAREIT.SMC.
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:%User Temp%\{RANDOM NUMBER}.exe
File name: %User Temp%\{RANDOM NUMBER}.exeFile type: Executable File
Mime Type: unknown/exe
Group: Malware file
update_flash_player.exe
File name: update_flash_player.exeFile type: Executable File
Mime Type: unknown/exe
Group: Malware file
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.