Trojan.Delf-FPW
Posted: September 27, 2013
Threat Metric
The Threat Meter fields that carry a specific value are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
| Threat Level: | 9/10 |
|---|---|
| Infected PCs: | 4 |
| First Seen: | September 27, 2013 |
| Last Seen: | November 7, 2021 |
| OS(es) Affected: | Windows |
Trojan.Delf-FPW is a general detection for various components of a Trojan botnet-based PC threat that has been responsible for stealing Social Security Numbers, credit information and other identity-related data from millions of victims to date. Although a portion of a Trojan.Delf-FPW may be hosted on any personal computer (including yours), the criminal business behind Trojan.Delf-FPW primarily is interested in targeting significant business data maintenance companies and has compromised major players like LexisNexis and Dun & Bradstreet. As a PC threat that's relevant to both personal and private interests, detecting and deleting Trojan.Delf-FPW always should be done as fast as possible and with all appropriate anti-malware tools. As usual for a botnet-based PC threat, Trojan.Delf-FPW Trojans don't show symptoms and will do their utmost to hide from the PC users whose systems they're compromising.
The Identity Stealer that Goes for the Middleman Instead of the Source
Trojan.Delf-FPW is an example of threat authors going for efficiency over directness, with attacks that are targeted primarily at the specific companies most likely to store identity information in bulk. Data aggregation companies like LexisNexis, Kroll Background America and Altegrity have all been victims of these attacks but, at this time, have declined to offer details on what kind of information was stolen over the course of these infections (which have lasted for several months, at a minimum, in all known cases). However, the criminal company selling this Trojan.Delf-FPW-gathered data, SSNDOB, appears to have millions of individual entries on US residents alone.
Ironically, the existence of Trojan.Delf-FPW as the primary means of stealing all of this data only was revealed with the completely inadvertent help of a second group of criminals: a set of attackers from UGNazi, which stole information from SSNDOB and released it on a Russian website for what appears to be racially motivated reasons. In doing so, UGNazi also gave PC security experts the opportunity to look over the twice-stolen databases and confirm the existence of the Trojan.Delf-FPW botnet.
Putting the Trojan Genie Back in Its Bottle... and Your Information Back in Safe Storage
Naturally, workers in the business of data aggregation, and particularly those who collect identity and finance-based information, should deploy all suitable anti-malware solutions to block any new Trojan.Delf-FPW attacks and remove Trojan.Delf-FPW where it is found. Trojan.Delf-FPW is a multi-component PC threat and, in most cases, may be detected multiple times in a single scan. However, Trojan.Delf-FPW is also a concern for casual PC users, since the Trojan.Delf-FPW botnet may also be hosted on personal computers that aren't involved in any kind of private industry. Regardless of what type of computer you're using, you shouldn't expect to see visible symptoms of a Trojan.Delf-FPW's presence, although Trojan.Delf-FPW may cause some unusual resource usage and/or system instability.
If any of your personal information has been stored at a company that is among the many victims of the Trojan.Delf-FPW campaign, you will also want to be attentive to the possibility of attacks that use your personal information. Identity theft, fraudulent bank transfers and similar hazards should be watched for, at least until further information is made available by the affected companies.