
Infostealer.Ayufos

Posted: April 4, 2014

Threat Metric

Threat Level: 9/10
Infected PCs: 9
First Seen: April 4, 2014
Last Seen: October 14, 2019
OS(es) Affected: Windows


Infostealer.Ayufos is a spyware program that is part of a recent surge in attacks on bank accounts by threats targeting Japan. As a new PC threat first identified in early 2014, Infostealer.Ayufos may be difficult for outdated security solutions to detect; it avoids displaying any of its components while tracking confidential information. Infostealer.Ayufos's current distribution is estimated to be limited, but malware researchers still rate it as a high-level threat to your PC's privacy and safety. Accordingly, there is no time to waste in deleting Infostealer.Ayufos with powerful, up-to-date anti-malware software.

Just One Player in the Bank Heists at the Land of the Rising Sun

Although widespread banking Trojan attacks once were a rarity in Japan, new threat campaigns that began in 2013 have caused a sharp increase in these assaults, which track information and even initiate cash transfers without many symptoms to warn the users of infected computers. Infostealer.Ayufos, along with the closely related Infostealer.Torpplar and Infostealer.Bankeiya, is one of the banking Trojans most often seen in these attacks. However, Infostealer.Ayufos's general-purpose functions also make it a threat to PCs in other countries, as malware experts observed with the following features:

  • Infostealer.Ayufos disables any default firewall utilities, which allows it to transfer data to and from your PC unimpeded.
  • Infostealer.Ayufos records all typing to a log file, which it then transfers to a C&C server – a process known as keylogging that may compromise privileged information.
  • For information that can't be caught through the keyboard, Infostealer.Ayufos also uses a secondary method of spying: taking automatic screenshots, which are transferred in the same fashion as its log files.
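Disabling the host firewall (the first feature above) leaves a visible trace: the state of the Windows Firewall profiles. The following Python script is an added example, not code from the original page or from any vendor; it parses the output of `netsh advfirewall show allprofiles` and reports which profiles are OFF, which is the check a responder would run first on a machine suspected of this infection. The sample output embedded in it is constructed, and the exact line layout of netsh is assumed from the tool's usual output.

```python
import re
import subprocess

# Constructed sample in the layout printed by `netsh advfirewall show allprofiles`
# (assumption: the "State ON/OFF" line format matches the real tool's output).
SAMPLE_NETSH_OUTPUT = """
Domain Profile Settings:
----------------------------------------------------------------------
State                                 ON
Firewall Policy                       BlockInbound,AllowOutbound

Private Profile Settings:
----------------------------------------------------------------------
State                                 ON
Firewall Policy                       BlockInbound,AllowOutbound

Public Profile Settings:
----------------------------------------------------------------------
State                                 OFF
Firewall Policy                       BlockInbound,AllowOutbound

Ok.
"""

# A profile header line, e.g. "Public Profile Settings:"; the group captures the name.
PROFILE_RE = re.compile(r"^(\w+) Profile Settings:", re.M)
# The "State" line inside one profile block.
STATE_RE = re.compile(r"^State\s+(ON|OFF)\s*$", re.M)


def parse_firewall_profiles(text: str) -> dict:
    """Map each firewall profile name to its State ("ON" or "OFF")."""
    states = {}
    # Splitting on the header regex yields [preamble, name1, body1, name2, body2, ...]
    parts = PROFILE_RE.split(text)
    for i in range(1, len(parts) - 1, 2):
        name, body = parts[i], parts[i + 1]
        match = STATE_RE.search(body)
        if match:
            states[name] = match.group(1)
    return states


def disabled_profiles(text: str) -> list:
    """Names of profiles whose firewall is turned off, sorted for stable output."""
    return sorted(name for name, state in parse_firewall_profiles(text).items()
                  if state == "OFF")


def live_check():
    """Run netsh on a Windows host and return the disabled profiles; None elsewhere."""
    try:
        result = subprocess.run(["netsh", "advfirewall", "show", "allprofiles"],
                                capture_output=True, text=True, check=True)
    except (OSError, subprocess.CalledProcessError):
        return None
    return disabled_profiles(result.stdout)


if __name__ == "__main__":
    print("Disabled profiles in sample:", disabled_profiles(SAMPLE_NETSH_OUTPUT))
    print("Disabled profiles on this host:", live_check())
```

Any profile reported as OFF on a host that should have the firewall enabled is worth treating as an indicator to investigate alongside the file-system artefacts described further down.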

Unfortunately, Infostealer.Ayufos's set of features does not end there. Malware researchers warn that Infostealer.Ayufos may be configured for additional attacks that are not directly linked to its spyware purpose, such as concealing the Windows Control Panel or terminating other programs.

Getting the Best of Spyware Before It Can Get to Your Cash

Infostealer.Ayufos exemplifies many of the standard features that cybercrooks expect from semi-sophisticated threats meant to harvest financially lucrative account information. Although there is little that's original about Infostealer.Ayufos, its lack of creativity does not make it any less dangerous to an infected machine. Detecting and then deleting Infostealer.Ayufos should always be handled with the assistance of third-party anti-malware software whenever possible, especially since malware experts have seen Infostealer.Ayufos disguising itself as svchost.exe, the name of an essential Windows file.

Distribution methods for Infostealer.Ayufos are still under investigation, although related spyware programs that also have taken part in recent Japanese PC attacks have used Java exploits to install themselves. Disabling Java, keeping it updated or even uninstalling it can resolve the bulk of these vulnerabilities, although, as always, these defenses are not a perfect replacement for live anti-malware protection.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:

File name: C:\Documents and Settings\<username>\Application Data\svchost.exe
Mime Type: unknown/exe
Group: Malware file
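A user-profile copy of svchost.exe like the one listed above is straightforward to check for, because the genuine file only lives in the Windows system directories. The Python script below is an added example, not code from the page or from any security vendor; it flags any svchost.exe outside System32, SysWOW64 or WinSxS and notes when the copy sits inside a user profile, the placement this page documents. The trusted-directory list and the sample path inventory are assumptions constructed for the example.

```python
import ntpath
import os
import re
from dataclasses import dataclass

# Directories where a genuine svchost.exe lives on a standard Windows install
# (assumption: default install layout; adjust if the system root is relocated).
TRUSTED_SVCHOST_DIRS = (
    r"c:\windows\system32",
    r"c:\windows\syswow64",
    r"c:\windows\winsxs",   # component-store copies live in versioned subfolders
)

# A per-user profile directory in either the old or the current Windows layout.
USER_PROFILE_RE = re.compile(r"\\(documents and settings|users)\\[^\\]+\\")


@dataclass
class Finding:
    path: str
    reason: str


def normalize(path: str) -> str:
    """Lower-case and collapse the path so comparisons ignore case and slash style."""
    return ntpath.normpath(path).lower()


def is_masquerading_svchost(path: str) -> bool:
    """True when a file is named svchost.exe but sits outside the trusted directories."""
    directory, name = ntpath.split(normalize(path))
    if name != "svchost.exe":
        return False
    return not any(directory == d or directory.startswith(d + "\\")
                   for d in TRUSTED_SVCHOST_DIRS)


def classify_paths(paths):
    """Return a Finding for every suspicious svchost.exe, noting user-profile hits."""
    findings = []
    for p in paths:
        if not is_masquerading_svchost(p):
            continue
        reason = "svchost.exe outside the Windows system directories"
        if USER_PROFILE_RE.search(normalize(p)):
            reason += "; located in a user profile, matching the Ayufos indicator"
        findings.append(Finding(p, reason))
    return findings


def scan_tree(root: str):
    """Walk a directory tree on a live Windows host and classify every file found."""
    paths = []
    for dirpath, _, files in os.walk(root):
        paths.extend(ntpath.join(dirpath, f) for f in files)
    return classify_paths(paths)


# Constructed sample inventory (not real scan output): three legitimate copies, the
# Ayufos-style drop from this page, and two further look-alikes.
SAMPLE_PATHS = [
    r"C:\Windows\System32\svchost.exe",
    r"C:\Windows\SysWOW64\svchost.exe",
    r"C:\Windows\WinSxS\amd64_example_1.0\svchost.exe",   # constructed WinSxS path
    r"C:\Documents and Settings\alice\Application Data\svchost.exe",
    r"C:/Users/bob/AppData/Roaming/svchost.exe",
    r"C:\Temp\svchost.exe",
    r"C:\Windows\System32\svchost.exe.bak",   # different name, so not flagged
]

if __name__ == "__main__":
    for finding in classify_paths(SAMPLE_PATHS):
        print(finding.path, "->", finding.reason)
```

On a real host the same logic can be pointed at a file-system inventory or at process image paths from a process listing; the name check is deliberately exact so that renamed copies (`svchost.exe.bak`) are left to other rules.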

Additional Information

The following URLs were detected:
Ultimatelogger.com/customers/ip.