Nitol
Posted: September 14, 2012
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
Threat Level: | 2/10 |
---|---|
Infected PCs: | 347 |
First Seen: | September 13, 2012 |
---|---|
Last Seen: | May 14, 2023 |
OS(es) Affected: | Windows |
Pointing a spotlight on the sometimes-shaky links between PC manufacturers and retailers, Nitol is a backdoor Trojan whose distribution scheme includes being built-in by default with counterfeit Windows-brand operating systems. As a result, no action other than unwrapping, plugging in and booting your computer may be necessary for Nitol to launch itself and offer criminals a means of ingress into your computer through a Command & Control server. Obviously, these attacks are most likely to occur in cases where you've purchased a Windows computer from an untrustworthy dealer, although SpywareRemove.com malware analysts also warn that Nitol has shown capabilities that would let Nitol use removable drive devices as a second method of propagation. Like any backdoor Trojan worthy of the name, Nitol is a serious security vulnerability, and you should use anti-malware software as it's required to delete Nitol and all of its components in safety.
Nitol, the Built-in (Quote) Windows (Unquote) Trojan
Nitol includes worm-based features that allow Nitol to copy concealed files to removable devices and, from there, install itself on any uninfected PC that plugs in the device. However, what truly made Nitol worthy of headline news was its usage of counterfeit Windows machines, which was uncovered during a recent Microsoft-led investigation that forayed into the urban landscape of Shenzhen, China. PCs purchased from shady retailers in that region have been confirmed to include Nitol as part of their default installations, right along with pirated versions of Windows that were never purchased from Microsoft in the first place.
While China's relaxed legal regulations for manufacturers and retailers may be a large part of what allowed Nitol to build up its network in the first place, SpywareRemove.com malware experts note that Nitol infections are being seen all over the globe, comprising in the United States and Europe. With confirmed Nitol attacks on the rise and legal action against the owners of Nitol's malware-rich C&C domain (the infamous 3322.org) still inconclusive, it may very well be worth paying a little more than you'd want to be assured that the 'Windows' computer you buy is the genuine article, rather than a counterfeit.
As is usually the case with backdoor Trojans, SpywareRemove.com malware researchers haven't found any symptoms linked to Nitol's attacks, which conceal themselves in the background as Nitol launches with your OS, itself.
When Saving Some Money May Cost You More Than Usual with a Nitol-Infected PC
Nitol attempts to block several types of anti-virus programs, automatically-gathers basic information about your computer, sends said information to a criminal-operated server and, finally, uses your computer's resources to launch Distributed-Denial-of-Service attacks. However, SpywareRemove.com malware experts are forced to warn that Nitol is also likely to be instructed to launch other attacks that may attempt to install other types of malware, disable security functions and steal passwords or other forms of private data.
Nitol uses a randomly-generated file name and should be detected with anti-malware software whenever possible. Given Nitol's confirmed habit of including some worm-like features, SpywareRemove.com malware analysts also encourage avoidance of network contact with other PCs or any usage of shared storage devices until you've deleted Nitol.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.