Backdoor.APT.Aumlib
Posted: August 13, 2013
Threat Metric
The fields listed on the Threat Meter that contain a specific value are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lie dormant and have a low volume count. The criterion for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represents no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Field | Value |
|---|---|
| Threat Level: | 2/10 |
| Infected PCs: | 37 |
| First Seen: | August 13, 2013 |
| OS(es) Affected: | Windows |
Backdoor.APT.Aumlib is a backdoor Trojan used in targeted attacks, typically against government agencies and companies involved in the North American telecommunications industry. Backdoor.APT.Aumlib has been used in attacks against such specific organizations for several years, but until now its last update was in 2011; this newest update indicates its continued use in targeted cyber attacks. Backdoor.APT.Aumlib allows criminals to access your PC by opening a backdoor connection between itself and a remote server, from which point a criminal may perform a variety of attacks against your PC. In light of the past infection vectors of targeted Trojan attacks like Backdoor.APT.Aumlib, SpywareRemove.com malware researchers especially caution potential victims to be careful about opening unusual e-mail attachments and recommend the use of anti-malware software for detecting or removing Backdoor.APT.Aumlib whenever it's necessary.
Backdoor.APT.Aumlib: When a Few Tweaks Make an Old Trojan New
Along with IXESHE, a similar backdoor Trojan also commonly found in targeted backdoor campaigns, Backdoor.APT.Aumlib has been in use in targeted attacks for some time but has recently received significant updates. These updates are designed to conceal Backdoor.APT.Aumlib from old threat databases; partially encoded Command & Control server communications may prevent outdated anti-malware tools from identifying Backdoor.APT.Aumlib correctly, or at all. Besides its new stealth feature, the most current version of Backdoor.APT.Aumlib is still similar to old versions of Aumlib.
SpywareRemove.com malware experts stress that PCs compromised by Backdoor.APT.Aumlib Trojans are effectively under the control of a remote attacker, who may steal information, install various other forms of malware, infect other PCs through local networks or downgrade your PC's security features. These attacks are far from unusual for any backdoor Trojan, although Backdoor.APT.Aumlib does have the additional headline-worthiness of being used in attacks against specific Western companies and government institutions. Therefore, casual PC users shouldn't expect to encounter Backdoor.APT.Aumlib in the wild.
Tracking Where the Backdoor.APT.Aumlib Campaign Goes from Here
The criminal group of hackers responsible for distributing and managing Backdoor.APT.Aumlib is believed to be Chinese in origin and is clearly ramping Backdoor.APT.Aumlib and IXESHE up for continued use in the coming months. SpywareRemove.com malware experts stress that most targeted attacks like Backdoor.APT.Aumlib's campaigns usually are initiated through carefully crafted e-mail messages with malicious file attachments. Deleting suspicious files without opening them or, alternatively, scanning them with updated anti-malware products should be considered mandatory for protecting a vulnerable PC from Backdoor.APT.Aumlib.
Along with that, updating your security and anti-malware software is always required by SpywareRemove.com malware experts but is particularly relevant in the case of Backdoor.APT.Aumlib. Backdoor.APT.Aumlib's latest update is specifically intended to evade previous anti-malware signatures that would be able to detect Backdoor.APT.Aumlib's old versions, and an anti-malware product that isn't updated regularly shouldn't be thought of as a foolproof defense against professionally managed PC threats like Backdoor.APT.Aumlib.