Gen:Variant.Downloader.167
Posted: May 29, 2014
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Threat Level: | 9/10 |
|---|---|
| Infected PCs: | 98 |
| First Seen: | May 29, 2014 |
|---|---|
| Last Seen: | June 12, 2022 |
| OS(es) Affected: | Windows |
Gen:Variant.Downloader.167 is a backdoor Trojan and Trojan downloader that uses social networks as its main medium of distribution. Although Gen:Variant.Downloader.167 has achieved particular notice in news media for its internal references to Biblical scripture, malware experts are more interested in Gen:Variant.Downloader.167's general abilities for downloading other threats and compromising the security of the infected PC. Detecting or removing Gen:Variant.Downloader.167 always is a process that should use reliable anti-malware software, and most Gen:Variant.Downloader.167 infections show limited to no visual evidence.
The Latest in Trojans Sent by 'Friends'
Gen:Variant.Downloader.167 uses the instant messaging capabilities of YIM (Yahoo Instant Messenger) along with Facebook to distribute itself automatically to new victims. Because its messages use the format of friends' messages of picture requests seemingly linked through popular cloud storage services, and also use hijacked accounts for the above social networks, an insufficiently incautious PC user may be tricked into installing Gen:Variant.Downloader.167 without realizing that the attack has taken place. Gen:Variant.Downloader.167 has been able to infect significant numbers of PCs in a wide range of countries. For the time being, malware experts have seen that multiple regions of Europe and North America have suffered from the Gen:Variant.Downloader.167 campaign.
After Gen:Variant.Downloader.167 installs itself, Gen:Variant.Downloader.167 continues with attacks that in keeping with most similar PC threats:
- Gen:Variant.Downloader.167 will automatically make contact with its Command & Control server. This server may be used for various purposes, particularly transferring instructions to Gen:Variant.Downloader.167.
- Gen:Variant.Downloader.167 may download and install additional threats.
- Gen:Variant.Downloader.167 also may include functions for allowing Gen:Variant.Downloader.167 to upload information from the infected PC and is estimated to be intended to collect information that may include bank passwords or credit card numbers.
- A basic form of encryption protects Gen:Variant.Downloader.167's code and traffic from being identified by some PC security products, thus hindering the necessary disinfection process.
How to Remove a Holy Fraud from Your Hard Drive
With some sense of irony, Gen:Variant.Downloader.167 also includes Biblical references in its code, used for obfuscating some of its encrypted information. Although such programming levity has no effect on its essential functions, malware experts do note that Gen:Variant.Downloader.167's structural quirks could be used to identify similar PC threats developed by the same programming team in future Trojan campaigns. Like these internal Bible references, a Gen:Variant.Downloader.167 infection largely is hidden from casual view and shows no discreet symptoms.
Taking the above facts into account, malware experts continue to advise all possible victims of Gen:Variant.Downloader.167 attacks to use professional anti-malware solutions for Gen:Variant.Downloader.167's removal. A confirmed deletion of a Gen:Variant.Downloader.167 attack also should precipitate changes to passwords, security questions and other data that Gen:Variant.Downloader.167 may collect during its less-than-holy stay on your computer. Besides Gen:Variant.Downloader.167, additional threats that threat researchers have associated with Facebook-based distribution include the Facebook Friend Request Virus, Trojan.FakeFlash.A, Exploit.Script.Pdfka.btvxj, Etype, JS:Clicker-P, TROJ_FAKEADB.US, and the Andromeda botnet.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.