Home Malware Programs Trojans Trojan.GenericKDV.1210899


Posted: August 28, 2013

Threat Metric

Threat Level: 8/10
Infected PCs: 26
First Seen: August 28, 2013
Last Seen: March 7, 2020
OS(es) Affected: Windows

Trojan.GenericKDV.1210899 is a Trojan downloader that infects specific corporate targets through fraudulent Xerox WorkCentre e-mails, afterward downloading and installing other PC threats, such as the spyware program Trojan Zeus. Because Trojan.GenericKDV.1210899 installs its payload while hiding the attack from the victim, SpywareRemove.com malware experts warn that symptoms of Trojan.GenericKDV.1210899-related attacks may only be detectable through anti-malware utilities and related security tools. As usual for dealing with any high-level threats that may distribute new malware, deleting Trojan.GenericKDV.1210899 should be done as soon as possible to prevent a single compromise of your PC from being exacerbated into a multiple-threat attack campaign.

A Generic Fake E-mail for a Generic (but Effective) Trojan

Although Trojan.GenericKDV.1210899 uses e-mail as its distribution method, Trojan.GenericKDV.1210899 isn't spammed to indiscriminate victims. Instead, Trojan.GenericKDV.1210899 e-mails are sent to addresses corresponding to specific businesses, with tens of thousands of separate Trojan.GenericKDV.1210899-carrying messages already confirmed thus far. The messages are designed to look like generic alerts regarding Xerox office equipment, making them likely to infect the PCs of any office workers who don't exercise proper precautions around unusual file attachments.

PC users who launch the attached ZIP archive will have their computers infected by Trojan.GenericKDV.1210899, which is a specialized Trojan downloader that uses additional software vulnerabilities to install other malware without your permission. Although the full range of Trojan.GenericKDV.1210899's payload has not yet been examined, SpywareRemove.com malware researchers can verify that Trojan.GenericKDV.1210899 installs, amongst other things, a variant of Zeus. Zeus is well-known for using browser-based attack to steal online banking information and sophisticated defensive functions that hide it from sight.

Keeping a Trojan.GenericKDV.1210899 Attack from Turning into a Company-Wide Problem

Trojan.GenericKDV.1210899 and many similar PC threats targeted at private industries usually are best defended against via a combination of anti-malware tools for removing infections after the fact, and common-sense security precautions to prevent their infections in the first place. SpywareRemove.com malware experts especially remind readers that e-mail messages distributing ZIP-archived files are a major vehicle for many types of malware, including other Trojans besides Trojan.GenericKDV.1210899 and that you always should scan these files before trying to open them.

Trojan.GenericKDV.1210899's attacks don't give off any obvious symptoms that would let you know that your PC has been compromised. However, Trojan.GenericKDV.1210899's payload does include PC threats with capabilities geared towards stealing highly confidential information. One of the most well-documented examples of these attacks includes browser injections that insert malicious content into your browser that requests confidential information, all while looking like normal Web content from a trusted bank or other company. In some cases, these PC threats also have shown the ability to compromise network-accessible PCs, and your network security also should be a concern until you're certain that you've removed Trojan.GenericKDV.1210899.

Technical Details

Additional Information

The following messages's were detected:
# Message
1'Please download the document. It was scanned and sent to you using a Xerox multifunction device.'