Posted: July 15, 2015
First Seen: July 15, 2015
Last Seen: February 14, 2019
The Galileo Malware is a product used to monitor and transfer information from your computer. This product is developed and maintained by Hacking Group, a company known for its numerous government clients around the world, and PC users in virtually any region could be theoretical targets of the Galileo Malware campaigns. In spite of its high news profile, you should be able to delete the Galileo Malware with the same anti-spyware strategies and software used to combat similar, high-level threats, such as Swort or Rombertik.
Charting the News Stars of Spyware
The Galileo Malware is one of the latest products made and rented out by Hacking Group, a company known for selling its spyware services to such high-profile entities as the US FBI and the Egyptian government. Although the Hacking Group's services are years old, its recent compromise by third-party hackers allowed various security companies to have access to new information about its products, including the Galileo Malware. As with other applications by this company, the Galileo Malware's primary purpose is collecting information from an infected PC, with the distribution model carried out by a regional government actor.
Although the Galileo Malware currently requires physical access to the PC in question for its installation, the theoretical exploitation of remote install strategies remains viable. The Galileo Malware installs itself with three separate modules. These modules support its rootkit format by providing modified BIOS capabilities, linking those capabilities to system reboots, and, finally, dropping components of the threat (such as the scout.exe file). Acting together, these modules let the Galileo Malware remain installed through multiple system wipes and reinstall routines.
The Galileo Malware may monitor and upload the types of data typical of spyware attacks, which may include:
- Your Web browsing history.
- E-mail messages.
- Instant messages.
- Audio data, including voice messages and general microphone input.
- Visual data, such as your Webcam.
Like most 'professional' spyware products, the Galileo Malware shows zero symptoms of these information-transferring functions and doesn't display memory processes or files in obvious, easily visible locations.
Turning the Galileo Malware into a Falling Star
The Galileo Malware is almost continuously active on an infected PC, although Hacking Group boasts that the Galileo Malware doesn't hinder performance or cause other symptoms that would be readily detectable. Although Hacking Group claims to offer its products only to government branches, its history of concealing some of its clientele, and the exposure of its poor security practices, may call that into question. Regardless, most PC users should react to a suspected Galileo Malware infection in the same way they would respond to any spyware infection: by using anti-spyware tools to delete it.
After deleting the Galileo Malware, you should also identify and close any security holes that could have allowed its introduction into your machine originally. PC users should be especially cautious about sharing their machines with untrustworthy individuals, or sharing potentially unsafe USB devices (some of the most common methods of compromising difficult-to-access, high-profile systems).
At the time of this article's authorship, the Galileo Malware's company is no longer compromised by hackers. However, the data gathered from the company and leaked, including source code, invoices, e-mails and client lists, remains in circulation on torrent networks.