Trojan.APT.Seinup
Posted: June 20, 2013
| Threat Level: | 9/10 |
|---|---|
| Infected PCs: | 6,968 |
| First Seen: | June 20, 2013 |
| Last Seen: | January 25, 2021 |
| OS(es) Affected: | Windows |
Specially targeted backdoor Trojans like Trojan.APT.Seinup are growing increasingly sophisticated in their attacks. Trojan.APT.Seinup is a particularly good example: it includes interesting (if not brand-new) defenses that allow it to run automatically and keep its Command & Control server's traffic from being detected by traditional methods. Trojan.APT.Seinup's campaign so far centers on countries in Asia (such as Vietnam and the Koreas) and relies on an initial infection through malicious e-mail attachments. If you use a business or government computer with Internet access in one of the affected regions, you should be alert for attempts to infect your computer with Trojan.APT.Seinup. SpywareRemove.com malware researchers, naturally, recommend using highly competent anti-malware products for finding and removing Trojan.APT.Seinup.
How Trojan.APT.Seinup Signs You Up for Some Serious Problems
Trojan.APT.Seinup is distributed through attacks against specific companies and government institutions throughout Asia by means of initial e-mail salvos. These opening attacks mislead the victim with fake document attachments that are presented as potentially stolen documents or some form of relevant industry news, but opening the 'document' triggers a drive-by-download attack from an exploit that's embedded in the file. SpywareRemove.com malware researchers also note that the same vulnerability (CVE-2012-0158) can be used through malicious websites or other methods, and that patching all associated software will help to block this critical security hole.
Once Trojan.APT.Seinup gains access to your PC, it registers itself as a Windows service that persists through reboots and grants remote attackers traditional backdoor-style control over the PC. Through these attacks, Trojan.APT.Seinup may allow criminals to issue direct commands to your computer, install other malware or, most especially, steal confidential data.
SpywareRemove.com malware experts also rate Trojan.APT.Seinup as somewhat more difficult to detect than simpler PC threats because its communications are SSL-encrypted, a byproduct of its use of Google Docs as a makeshift C&C server. Trojan.APT.Seinup did not pioneer the use of benign websites to receive malicious instructions (a similar strategy using a blogging server was noted in, for example, BKDR_VERNOT.B), but the technique is still rare and correspondingly difficult to identify.
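The SSL encryption described above hides what is exchanged with Google Docs, but not which program on the endpoint started the exchange. The following added example (not from the original article or from any vendor's tooling) flags processes outside an allowlist that look up a watched hostname and marks evenly spaced lookups. The hostnames, allowlist, thresholds and sample records are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Assumptions, not taken from the article: the hostnames worth watching and
# the programs that are expected to contact them on this network.
WATCHED_HOSTS = {"docs.google.com"}
EXPECTED_CLIENTS = {"chrome.exe", "firefox.exe", "msedge.exe", "iexplore.exe"}

# Constructed sample records (host, UTC time, process image, DNS name),
# shaped like the fields of a Sysmon DNS-query event (Event ID 22).
EVENTS = [
    ("WS-014", "2024-01-15T09:00:10", r"C:\Program Files\Google\Chrome\Application\chrome.exe", "docs.google.com"),
    ("WS-014", "2024-01-15T09:00:00", r"C:\Windows\System32\svchost.exe", "docs.google.com"),
    ("WS-014", "2024-01-15T09:05:00", r"C:\Windows\System32\svchost.exe", "docs.google.com"),
    ("WS-014", "2024-01-15T09:10:02", r"C:\Windows\System32\svchost.exe", "docs.google.com"),
    ("WS-014", "2024-01-15T09:15:00", r"C:\Windows\System32\svchost.exe", "docs.google.com"),
    ("WS-014", "2024-01-15T09:20:01", r"C:\Windows\System32\svchost.exe", "DOCS.GOOGLE.COM."),
    ("WS-020", "2024-01-15T11:42:00", r"C:\Program Files\Microsoft Office\Office14\WINWORD.EXE", "docs.google.com"),
    ("WS-020", "2024-01-15T11:43:00", r"C:\Windows\System32\svchost.exe", "time.windows.com"),
]

def basename(path):
    """Lower-cased file name of a Windows path."""
    return path.rsplit("\\", 1)[-1].lower()

def find_unexpected_clients(events, max_jitter=0.1, min_hits=4):
    """List non-allowlisted processes that looked up a watched hostname.

    'beacon' is True when a process made at least min_hits lookups whose
    spacing is regular (stdev/mean of the gaps <= max_jitter), which looks
    like automated polling rather than a person opening a document.
    """
    seen = defaultdict(list)
    for host, when, image, query in events:
        name = query.lower().rstrip(".")          # normalise case and root dot
        if name in WATCHED_HOSTS and basename(image) not in EXPECTED_CLIENTS:
            seen[(host, image)].append(datetime.fromisoformat(when))
    findings = []
    for (host, image), times in sorted(seen.items()):
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        beacon = (len(times) >= min_hits and mean(gaps) > 0
                  and pstdev(gaps) / mean(gaps) <= max_jitter)
        findings.append({"host": host, "image": image,
                         "hits": len(times), "beacon": beacon})
    return findings
```

A finding is a lead for triage, not a verdict: the next check is which service or module inside the flagged process made the request.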
Signing Way Down to Trojan.APT.Seinup
Given its overall sophistication, deleting a Trojan.APT.Seinup infection requires extremely competent anti-malware products with good histories of removing rootkits and other high-level threats, especially threats that, like Trojan.APT.Seinup, specialize in industry sabotage. You should never assume that you'll be able to detect Trojan.APT.Seinup or its attacks by eye, and, as usual, both networks and removable devices in contact with uninfected PCs should be considered possible infection vectors.
Removing Trojan.APT.Seinup as soon as possible should be taken as a given, but SpywareRemove.com malware experts recommend keeping Trojan.APT.Seinup's infections to a minimum in the first place. E-mail-based security protocols to keep track of potentially unsafe file attachments should always be kept in place for both personal and professional usage. Never open files that come from unusual sources or have other suspicious characteristics; if you must do so, always scan these files before opening them.