Troj/Kaiten


Posted: October 26, 2011

Threat Metric

Threat Level: 1/10
Infected PCs: 83
First Seen: October 26, 2011
Last Seen: September 2, 2021
OS(es) Affected: Windows

Troj/Kaiten is a backdoor Trojan that attacks computers running the Linux operating system (as opposed to the popular Windows or Mac-derived platforms). Although Troj/Kaiten infections are associated primarily with DDoS site-flooding attacks, SpywareRemove.com malware experts also warn that they can be used for other attacks, such as stealing personal information, blocking applications or installing other forms of malicious software. Aside from very minor system changes and unusual system resource usage, Troj/Kaiten may show no signs of being active on your computer, but it nonetheless presents an extreme threat to an infected Linux machine. The sooner you use a good anti-malware program to remove Troj/Kaiten from your computer, the better, since every second it remains can mean another second under the control of hackers.

Troj/Kaiten: A Selective Assailant with a Flexible Plan of Assault

Troj/Kaiten is designed for the specific purpose of infecting Linux OS computers; this freely-distributed and open-source operating system is often used by computer enthusiasts and people who are interested in having a secondary operating system for security purposes. Although Troj/Kaiten isn't capable of attacking other operating systems like Windows, if Troj/Kaiten does infect your computer while you're running Linux, its attacks can be configured to cause many different types of harm.

Like other types of backdoor Trojans, Troj/Kaiten tries to avoid detection and doesn't leave obvious symptoms of its activities, although you may be able to detect Troj/Kaiten through the actions of more obtrusive software that it installs (such as rogue security programs). Troj/Kaiten communicates with IRC servers to receive instructions on the actions it should take, and SpywareRemove.com malware experts note a corresponding danger of the following:

  • Having your computer harnessed into performing Distributed-Denial-of-Service attacks. In addition to being illegal, DDoS attacks can shut down innocent websites with traffic floods and may harm your computer through excessive resource usage.
  • Attacks against your firewall, network security settings and other aspects of your computer's security that prevent criminals from accessing it. Relevant programs may be shut down or have their settings set to harmful values.
  • Other types of harmful software may also be installed on your computer by Troj/Kaiten. Spyware programs that steal passwords and other forms of sensitive info, scamware products that display fake infection alerts, and browser hijackers that redirect your web browser to harmful sites are all possible Troj/Kaiten payloads.
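Because the Trojan takes its instructions over IRC, an established outbound connection to an IRC port on a Linux machine that has no reason to run an IRC client is worth investigating. The following added example (not part of the original article) parses text in the Linux `/proc/net/tcp` layout and lists such connections; the port list, the function names and the sample table are assumptions made for illustration.

```python
import socket
import struct

# Assumption: ports conventionally used by IRC servers; the article names none.
IRC_PORTS = set(range(6660, 6670)) | {6697, 7000}
TCP_ESTABLISHED = 0x01  # connection state code used in /proc/net/tcp

# Constructed sample in /proc/net/tcp layout (documentation-range addresses).
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 11111 1 0 100 0 0 10 0
   1: 0A0200C0:9C40 076433C6:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 22222 1 0 20 4 30 10 -1
   2: 0A0200C0:D431 057100CB:1A0B 01 00000000:00000000 00:00000000 00000000  1000        0 33333 1 0 20 4 30 10 -1
   3: 0A0200C0:D432 057100CB:1A0B 06 00000000:00000000 00:00000000 00000000     0        0 0 3 0
"""

def _decode(endpoint):
    """Turn 'HEXIP:HEXPORT' into (dotted_ip, port); assumes a little-endian host."""
    ip_hex, port_hex = endpoint.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
    return ip, int(port_hex, 16)

def find_irc_connections(table_text, ports=IRC_PORTS):
    """Return established IPv4 connections whose remote port is an IRC port."""
    hits = []
    for line in table_text.splitlines()[1:]:      # skip the header row
        fields = line.split()
        if len(fields) < 10:
            continue                              # malformed or truncated row
        if int(fields[3], 16) != TCP_ESTABLISHED:
            continue                              # ignore LISTEN, TIME_WAIT, ...
        remote = _decode(fields[2])
        if remote[1] in ports:
            hits.append({
                "local": _decode(fields[1]),
                "remote": remote,
                "uid": int(fields[7]),            # owner of the socket
                "inode": int(fields[9]),          # socket inode number
            })
    return hits

if __name__ == "__main__":
    for hit in find_irc_connections(SAMPLE_PROC_NET_TCP):
        print(hit)
```

On a live host, pass the contents of `/proc/net/tcp` instead of the sample; the inode can be matched against the `socket:[inode]` links under `/proc/<pid>/fd` to find the owning process. A bot configured to use a non-standard port will not appear in this list.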

What You Can Do About Troj/Kaiten to Dial Back Its Damage

Troj/Kaiten is versatile enough as a malicious program that SpywareRemove.com malware experts have even found it used to design variants that focus on other operating systems. For example, OSX/Tsunami-A, a Mac OS X backdoor Trojan that was discovered late in October of 2011, appears to be based on Troj/Kaiten's code. Regardless of which operating system you use, be alert for unwanted changes to your security-related programs and use up-to-date anti-malware products to protect your computer from attacks by Troj/Kaiten and related Trojans.

Symptoms of Troj/Kaiten infections can vary so much that the easiest way to detect Troj/Kaiten is by using an anti-malware program to scan your computer. Be certain that you've installed all threat definition database updates so that your scanner of choice can detect all Troj/Kaiten components. As long as you use an appropriately-competent anti-malware program to remove Troj/Kaiten, there shouldn't be any signs of long-term damage to Linux or other parts of your computer.


Technical Details

Registry Modifications

The following Registry values are newly created:

HKEY..\..\..\..{Subkeys}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fd9bc004-8331-4457-b830-4759ff704c22}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e2ddf680-9905-4dee-8c64-0a5de7fe133c}