
PinkStats

Posted: June 26, 2013

Threat Metric

Threat Level: 2/10
Infected PCs: 26
First Seen: June 26, 2013
OS(es) Affected: Windows

PinkStats is a backdoor Trojan and a Trojan downloader that was recently confirmed to have an attack campaign extending back at least as far as 2009, if not further. As a Chinese-origin PC threat, PinkStats is most significant to neighboring Asian countries, and other experts in the malware industry have already verified over one thousand separate PinkStats-infected PCs in South Korea alone. PinkStats conceals itself as a fake Web analytics tool, but SpywareRemove.com malware analysts warn that any other malware installed by PinkStats may not be especially visible during their attacks, and that PinkStats' interface is not visible by default during normal PC usage in any case. Deleting PinkStats, as with any high-level threat to your computer's security, should be done with suitable anti-malware tools when they're available, to ensure that all malicious software associated with PinkStats, as well as all traces of PinkStats itself, are removed completely.

PinkStats Should Be Leaving You Pink with Outrage at Your Security Problems

As a backdoor Trojan, one might expect PinkStats to be installed and kept running as a clandestine, effectively invisible application, but PinkStats uses another form of stealth entirely. By disguising its contact with its C&C server as Web analytics traffic, PinkStats hopes to convince anyone casually inspecting its functions that it is a benign program. Earlier versions of PinkStats also had a predominantly pink background for their fake Web analytics window, from which PinkStats derived its informal name. PinkStats's real goal is to disable your PC's security and enable the installation of other forms of malicious software.

SpywareRemove.com malware experts have highlighted the following PinkStats-based attacks as major security risks:

  • PinkStats often uses Zxarp, a benign but frequently exploited tool, to carry out Man-in-the-Middle style attacks against your browser. These attacks may be used to distribute PinkStats through any local networks (via well-disguised ARP-poisoning attacks), intercept confidential information or modify the content of a Web page as it's being loaded. Such MitM attacks are often a trademark of banking Trojans, which use them to steal bank account information.
  • PinkStats has also been found to be devoted primarily to downloading and installing other PC threats automatically. For example, PinkStats may install a Distributed-Denial-of-Service or DDoS tool that can use your computer's resources to simulate floods of traffic that crash targeted websites.

Shutting Down PinkStats's Fake Bean Counter Operation

Based on one of its known distribution methods, PinkStats should especially be prevented from spreading through networks shared between multiple computers. SpywareRemove.com malware researchers also warn that most PC threats distributed via networks are capable of supplementing that distribution with a secondary technique, such as infecting USB drives or utilizing harvested e-mail addresses for targeted e-mail attacks. If you isolate a PC compromised by PinkStats and use anti-malware tools as needed to remove PinkStats, you should be able to keep the possibility of spreading PinkStats to new computers to a minimum.

Remember that PinkStats's main goal is to install specialized malware besides itself. The longer you wait before attending to a potential PinkStats attack, the likelier it is that your computer will suffer from a range of other ill effects that are likely to compromise your PC's privacy and security. Currently, SpywareRemove.com malware analysts note that all forms of secondary PC threats installed by PinkStats are signed with fake Microsoft digital signatures, a typical form of misdirection that shouldn't fool most decent anti-malware scanners.
