Trojan.GenericKDZ.14575


Posted: April 17, 2013

As a follow-up to its earlier attacks on the NBC website, the RedKit Exploit Kit is now installing Trojan.GenericKDZ.14575 on computers whose users follow fake news links about the Boston Marathon bombing of April 15th. Trojan.GenericKDZ.14575 is primarily spyware that steals confidential login data such as passwords, but it may also be used for spamming or for installing other malicious software. Spam of all kinds deserves suspicion, but SpywareRemove.com malware experts especially warn PC users who follow breaking news such as the Boston Marathon bombing: spam campaigns exploiting such events have been confirmed within mere hours of the event itself. Any contact with a site linked from these e-mail messages should be followed by a scan with anti-malware software that can detect and delete Trojan.GenericKDZ.14575 before it has a chance to damage your PC.

Taking Tragedy to a Whole New Level with Trojan.GenericKDZ.14575

Along with ZeroAccess and the Citadel Trojan, Trojan.GenericKDZ.14575 is one of several payloads associated with the RedKit Exploit Kit, an exploit package that probes the visiting PC and attacks it where it is most vulnerable. Out-of-date software, particularly Adobe PDF readers, Flash and Java, is the primary means by which such exploit kits succeed, but the RedKit Exploit Kit may also abuse vulnerabilities for which no security update is yet available.

SpywareRemove.com malware researchers covered the RedKit Exploit Kit previously, noting its widely reported compromise of the NBC network's official homepage, but new attacks delivering Trojan.GenericKDZ.14575 have put the RedKit Exploit Kit back in the spotlight. These latest attacks don't rely on hijacking traffic to popular websites; instead they use spam e-mail that carries links to hostile sites. The messages are themed to resemble news articles and media clips about the recent Boston bombing, but the link leads to a site hosting the RedKit Exploit Kit, which then tries to infect your computer through any software vulnerability it can reach.
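The chain described above (a victim follows the spam link to a landing page, the page serves a Java, Flash or PDF exploit, and an executable is dropped seconds later) leaves a recognisable footprint in web-proxy logs. The script below is an added example written for this page, not code from SpywareRemove.com or from the RedKit authors; the log format, host names and sample lines are constructed, and the one-minute window and content-type sets are assumptions to tune for your environment. It groups requests by client and flags any client whose requests to a single host go landing page, then plugin content, then executable, in that order and inside the window.

```python
"""Heuristic detection of an exploit-kit drive-by chain in web-proxy logs.

Added example (not the page's or the kit's own code). Log format is the
constructed one used in SAMPLE_LOG:
    <ISO timestamp> <client_ip> <method> <url> <status> <content-type>
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log. Client 10.0.0.5 shows the full chain; 10.0.0.9
# fetches a jar before any HTML page; 10.0.0.12 downloads a PDF and an
# installer 40 minutes apart with no landing page. Only 10.0.0.5 should fire.
SAMPLE_LOG = """\
2013-04-17T10:02:01 10.0.0.5 GET http://news-example.test/boston-video.html 200 text/html
2013-04-17T10:02:03 10.0.0.5 GET http://news-example.test/j/a1b2.jar 200 application/java-archive
2013-04-17T10:02:07 10.0.0.5 GET http://news-example.test/load.php?id=7 200 application/x-msdownload
2013-04-17T10:05:00 10.0.0.9 GET http://cdn.example.test/app.jar 200 application/java-archive
2013-04-17T10:06:30 10.0.0.9 GET http://cdn.example.test/index.html 200 text/html
2013-04-17T11:00:00 10.0.0.12 GET http://reader.example.test/manual.pdf 200 application/pdf
2013-04-17T11:40:00 10.0.0.12 GET http://reader.example.test/setup.exe 200 application/x-msdownload
"""

# Assumed content types for the plugin stage (Java, PDF, Flash) and the
# dropped executable; widen or narrow these for your proxy's labelling.
PLUGIN_TYPES = {"application/java-archive", "application/pdf",
                "application/x-shockwave-flash"}
EXE_TYPES = {"application/x-msdownload"}
WINDOW = timedelta(seconds=60)   # assumed: whole chain completes within a minute


def parse_line(line):
    """Split one constructed log line into a dict; host is taken from the URL."""
    ts, ip, _method, url, _status, ctype = line.split()
    host = url.split("/", 3)[2]          # "http://host/path" -> "host"
    return {"ts": datetime.fromisoformat(ts), "ip": ip,
            "host": host, "url": url, "type": ctype}


def is_executable(req):
    return req["type"] in EXE_TYPES or req["url"].lower().endswith(".exe")


def find_driveby_chains(log_text):
    """Return {client_ip: [landing_url, exploit_url, payload_url]} for each
    client whose requests to one host go HTML page -> plugin content ->
    executable within WINDOW. Order matters: a jar fetched before the HTML
    page, or a PDF and an installer an hour apart, is not reported."""
    by_client = defaultdict(list)
    for line in log_text.splitlines():
        if line.strip():
            rec = parse_line(line)
            by_client[rec["ip"]].append(rec)

    hits = {}
    for ip, reqs in by_client.items():
        reqs.sort(key=lambda r: r["ts"])
        for i, landing in enumerate(reqs):
            if landing["type"] != "text/html":
                continue
            exploit = payload = None
            for req in reqs[i + 1:]:
                if req["ts"] - landing["ts"] > WINDOW:
                    break                       # chain must be fast
                if req["host"] != landing["host"]:
                    continue                    # unrelated traffic interleaved
                if exploit is None and req["type"] in PLUGIN_TYPES:
                    exploit = req
                elif exploit is not None and is_executable(req):
                    payload = req
                    break
            if exploit and payload:
                hits[ip] = [landing["url"], exploit["url"], payload["url"]]
                break                           # one chain per client is enough
    return hits


if __name__ == "__main__":
    for ip, chain in find_driveby_chains(SAMPLE_LOG).items():
        print(ip, "->", " -> ".join(chain))
```

Same-host and ordering checks are what keep this from flagging ordinary browsing (a CDN serving a jar, a user opening a manual and later an installer); in production you would also want to whitelist known software-update hosts and feed the flagged client straight into the scan-and-update step the article recommends.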

Why Trojan.GenericKDZ.14575 is Less Destructive Than a Bombing... But No Less Dangerous

If your PC is unprotected, the RedKit Exploit Kit launches a drive-by download that installs Trojan.GenericKDZ.14575, which is itself capable of installing other PC threats. Other attacks our malware analysts have associated with Trojan.GenericKDZ.14575 include, but are not limited to:

  • Backdoor access that lets criminals control your computer to some degree through a remote server.
  • Spambot activity that uses your computer's resources to send spam via e-mail, instant messengers and social networks.
  • Theft of Bitcoin from any accessible wallets.
  • Theft of passwords, user account names and other personal information. Social networking, e-mail, FTP and bank accounts are all prime targets, the last especially, since the RedKit Exploit Kit that delivers Trojan.GenericKDZ.14575 is often associated with banking Trojan campaigns.

Fortunately, Trojan.GenericKDZ.14575 is easier to defuse than the news event it exploits to get into your computer. Most competent anti-malware applications should remove Trojan.GenericKDZ.14575 during a scan, but given how recent the latest Trojan.GenericKDZ.14575 attacks are, SpywareRemove.com malware researchers urge you to update any anti-malware software before running that scan.