Trojan.Win32.Agent.uael
Posted: November 22, 2012
Threat Metric
| Threat Level: | 8/10 |
|---|---|
| Infected PCs: | 14 |
| First Seen: | November 25, 2012 |
| Last Seen: | May 14, 2022 |
| OS(es) Affected: | Windows |
Trojan.Win32.Agent.uael is a banking trojan that steals private information related to Venezuelan banks and Venezuela's Commission of Currency Administration. While Trojan.Win32.Agent.uael is relatively simple as far as banking trojans go, its attacks are an especial danger to anyone who uses the above organizations, as well as to computers in general due to its attempts to disable baseline security features. Top infection rates for Trojan.Win32.Agent.uael currently are centered on the United States and, of course, Venezuela, although the SpywareRemove.com malware research team warns that other countries have also been found harboring Trojan.Win32.Agent.uael infections in small numbers.
Trojan.Win32.Agent.uael: the Fraudulent Cry of Election Fraud
Trojan.Win32.Agent.uael is distributed via spam and malicious sites that appear to promote a PDF news article regarding subversion of Venezuela's presidential elections – a well-timed attack, given that Venezuela's last election was early in October of this year. On a passing glance, these sources appear to be affiliated with Globovisión, and the 'PDF' file actually is an EXE that uses a misleading name and icon to appear to be a safe file. Once it's launched, this file will install Trojan.Win32.Agent.uael.
One immediate function of Trojan.Win32.Agent.uael that all PC users should concern themselves with is its ability to disable User Account Control (UAC). This has several negative effects on the security of the compromised computer, including allowing Trojan.Win32.Agent.uael to exploit administration-level features for its own benefit. For this reason, even if you feel that your PC doesn't fall into the likely targets for Trojan.Win32.Agent.uael attacks, you should use anti-malware software to detect and remove Trojan.Win32.Agent.uael after any exposure to attacks like the ones outlined above.
Why Venezuelans Have Especial Reason to Worry About Trojan.Win32.Agent.uael
Trojan.Win32.Agent.uael's main functions all are concerned with stealing private information related to currency transactions from Venezuelan citizens. SpywareRemove.com malware experts have considered the following two Trojan.Win32.Agent.uael-based attacks to be of particular note:
- Changes to your DNS settings allow Trojan.Win32.Agent.uael to redirect your web browser from a Venezuelan banking site to a malicious site. These malicious sites will look similar to the real bank's site, but include various attempts to steal your confidential information.
- Trojan.Win32.Agent.uael also employs similar attacks against the Comision de Administracion de Divisas or CADIVI. In theory, this could allow Trojan.Win32.Agent.uael to compromise the CADIVI to acquire additional currency permits for malicious transactions.
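The two system changes described on this page, UAC being switched off and DNS settings being altered, can be checked on a suspect machine with a short triage script. This is an added example, not code from SpywareRemove.com; it assumes a disabled UAC appears as `EnableLUA = 0` under the standard policy key (the page does not say how the trojan disables it), and the resolver allowlist holds constructed placeholder addresses that you replace with your own.

```powershell
# Added triage example; not from the original page.
# Assumption: UAC disabled is visible as EnableLUA = 0 in the standard policy key.
# Assumption: $ExpectedDns lists the resolvers your network legitimately uses.
#             The addresses below are constructed placeholders (documentation range).

function Get-UacState {
    $key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    $prop = Get-ItemProperty -Path $key -Name EnableLUA -ErrorAction SilentlyContinue
    if ($null -eq $prop) { return 'Unknown' }      # value missing: inspect by hand
    if ($prop.EnableLUA -eq 0) { return 'Disabled' }
    return 'Enabled'
}

function Get-UnexpectedDnsServer {
    param([Parameter(Mandatory)][string[]]$ExpectedDns)
    # Walk every IPv4 interface and report resolvers that are not on the allowlist.
    Get-DnsClientServerAddress -AddressFamily IPv4 |
        Where-Object { $_.ServerAddresses.Count -gt 0 } |
        ForEach-Object {
            $alias = $_.InterfaceAlias
            foreach ($addr in $_.ServerAddresses) {
                if ($ExpectedDns -notcontains $addr) {
                    [pscustomobject]@{ Interface = $alias; DnsServer = $addr }
                }
            }
        }
}

$ExpectedDns = @('192.0.2.53', '192.0.2.54')   # placeholders, replace with real resolvers
$uacState    = Get-UacState
$rogueDns    = @(Get-UnexpectedDnsServer -ExpectedDns $ExpectedDns)

[pscustomobject]@{
    UacState           = $uacState
    UnexpectedDnsCount = $rogueDns.Count
    NeedsReview        = ($uacState -ne 'Enabled') -or ($rogueDns.Count -gt 0)
}
$rogueDns | Format-Table -AutoSize
```

A `NeedsReview` result of `True` is only a prompt for a full anti-malware scan, since either setting can also be changed by an administrator or other software.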
Trojan.Win32.Agent.uael also may gather information through other methods such as keylogging or screen captures. Obviously, Venezuela-based PC users should be particularly cautious to avoid Trojan.Win32.Agent.uael's infection vectors, which, as noted earlier, also are specialized towards targeting victims from that country.
However, Trojan.Win32.Agent.uael is a danger to any PC that it infects, even if its abilities for stealing cash appear to be limited to a narrowly targeted geographical region. SpywareRemove.com malware researchers suggest using anti-malware programs as appropriate to block Trojan.Win32.Agent.uael from being installed or to delete Trojan.Win32.Agent.uael, if it becomes necessary.