Trojan.Necurs.A

Trojan.Necurs.A is a member of a family of rootkits with backdoor and downloader functions, letting them compromise the security of your PC for remote control and install specialized threats for other attacks. While only limited information about Trojan.Necurs.A currently is available, malware researchers have noticed its presence in recent payloads of Trojan Zeus, a well-distributed and regularly-updated spyware Trojan that focuses on compromising bank accounts. Targeted e-mail attacks and drive-by-downloads from harmful websites are the two distribution methods that seem to be at fault for the new rise in Trojan.Necurs.A infections, and malware experts consider the removal of Trojan.Necurs.A with reliable anti-malware products to be an urgent priority for your PC's safety.

The Trojan that's Happy to Weave a Curse on Your PC's Security

Trojan.Necurs.A is one of the newest versions of Necurs to be distributed with some help from other high-level PC threats. Past Necurs attacks have involved such hazards as the Blackhole Exploit Kit (a drive-by-download attacker) and WinWebSec (a family of fake security programs), whereas Trojan.Necurs.A is primarily associated with a rise in United States-targeted e-mail attacks. These attacks use fake delivery notifications and similar formats to trick victims into opening a harmful file attachment containing the Trojan Upatre. Upatre installs a variant of Zeus, which you'll know about if you've read many of our previous articles, while Zeus also installs Trojan.Necurs.A (since, besides being a potent banking Trojan, Zeus also includes functions for downloading other threats).

Trojan.Necurs.A's full capabilities still are under analysis, although malware experts estimate that Trojan.Necurs.A most likely is intended to be an anti-security measure for protecting other PC threats installed by the same e-mail. Trojan.Necurs.A may block security programs, open a backdoor vulnerability on your PC to let criminals access it, install new types of risky software or upload data stolen by other means to a criminal-controlled server.

Even though Necurs rootkits sometimes are involved with payloads that show major symptoms, like WinWebSec, these latest attacks with Trojan.Necurs.A all use PC threats that try to hide themselves. As a result, symptoms of the infection may be minimal – especially without anti-malware utilities to detect Trojan.Necurs.A.

Dispelling Trojan.Necurs.A Before It Can Expel Your Money

Trojan.Necurs.A and the other threat related to Trojan.Necurs.A are especially well-known for the advanced programming involved in their attacks and anti-security features, and also for targeting personal information such as account passwords for your bank account. Even though you may not see any obvious signs of something wrong with your computer, malware experts always consider a Trojan.Necurs.A infection to be a high-level security and privacy hazard. Deleting Trojan.Necurs.A immediately, and with proper anti-malware tools, is paramount for the future security of any infected computer.

By the raw numbers of infections, these recent attacks using Trojan.Necurs.A installations are distinctly an issue for the United States. Despite that, other countries also have been targeted, although in much smaller numbers than those for the US. Regardless, no matter where you live, opening an e-mail attachment without confirming its safety first never is wise, and malware experts consider it best to scan any suspicious attachment to block Trojan.Necurs.A, Zeus or other threat from sneaking into your hard drive.

Technical Details