Troj/Trackr-Gen
Posted: November 30, 2011
Threat Metric
The fields listed on the Threat Meter are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10, where 10 is the highest level of severity and 1 is the lowest. Each level reflects the threat's consistently assessed behaviors, as collected by SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is based specifically on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. Threats with a high detection count could lie dormant and have a low volume count. The criteria for Volume Count are relative to a daily detection count.
Trend Path: The Trend Path, shown as an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represents no change in a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Ranking: | 16,221 |
|---|---|
| Threat Level: | 8/10 |
| Infected PCs: | 623 |
| First Seen: | November 30, 2011 |
| Last Seen: | March 3, 2025 |
| OS(es) Affected: | Windows |
Troj/Trackr-Gen is a Trojan that records credit card-related information from sales-processing computers to text files. Although Troj/Trackr-Gen has no way to transmit this information to hackers, every Troj/Trackr-Gen infection that SpywareRemove.com malware researchers have observed was noted only after backdoor access to the infected PC had already been acquired. Troj/Trackr-Gen is used in targeted attacks against small companies, including education, finance and charity-based entities. Since Troj/Trackr-Gen tries to avoid notice and conducts its credit card theft in a clandestine manner, an active and competent anti-malware program, as well as basic Internet safety procedures, should be considered your primary defense against possible Troj/Trackr-Gen attacks.
Troj/Trackr-Gen: A Thief of Niche Purpose
Troj/Trackr-Gen is a spyware-based Trojan that's installed only after criminals have gained remote access to an infected PC. Remote access allows Troj/Trackr-Gen's hacker-partners to view or delete files, install software or exert other forms of control over the computer, and is often acquired via open network ports and disabled firewalls. Troj/Trackr-Gen's distribution method hasn't yet been analyzed, but Troj/Trackr-Gen may distribute itself through spam e-mail messages, P2P files or hard drive resources that are shared between computers.
Although Troj/Trackr-Gen's aspirations aren't particularly high, Troj/Trackr-Gen can nonetheless do severe financial damage with its default behavior. Troj/Trackr-Gen is targeted at small companies that have fewer resources invested in security measures than larger ones, and attacks sales-processing (AKA point-of-sale) computers by deliberately circumventing PCI DSS security routines. Different versions of Troj/Trackr-Gen use different file names; older versions of Troj/Trackr-Gen have used the name rdasrv.exe while newer versions of Troj/Trackr-Gen have used [Sequence of seven random numbers].exe.
Once Troj/Trackr-Gen has gained a foothold on a PC, Troj/Dloadr-DKK scans that computer's memory for Track 1 and Track 2 credit card data. This includes credit card numbers, account names, expiration dates and similar forms of private data. However, SpywareRemove.com malware researchers note that, unusually, Troj/Trackr-Gen doesn't try to send this information out by itself. Instead, Troj/Trackr-Gen stores it in a currentblock.txt or data.txt text file. Criminals with remote access to the infected computer can then peruse these files at their leisure.
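The following Python triage script is an added example, not part of the original write-up or any vendor's detection logic. It sweeps a directory for the file names given above and reports a currentblock.txt or data.txt only when it holds Luhn-valid Track 1 or Track 2 records. The track layouts follow ISO/IEC 7813; the function names and masking format are assumptions of this example, and the sample record uses a well-known test card number.

```python
import os
import re

# File names the page attributes to Troj/Trackr-Gen (a name match is only a triage hint).
BINARY_NAMES = re.compile(r"^(rdasrv|\d{7})\.exe$", re.IGNORECASE)
DUMP_NAMES = {"currentblock.txt", "data.txt"}

# ISO/IEC 7813 layouts: Track 1 "%B<PAN>^<name>^<YYMM>...", Track 2 ";<PAN>=<YYMM>...".
TRACK1 = re.compile(r"%?B(\d{13,19})\^[^\^\r\n]{2,26}\^\d{4}")
TRACK2 = re.compile(r";?(\d{13,19})=\d{4}")

def luhn_ok(pan: str) -> bool:
    """Luhn check, used to discard digit runs that are not card numbers."""
    total = 0
    for i, ch in enumerate(reversed(pan)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def find_track_data(text: str) -> list:
    """Return (track, masked PAN) pairs; the full PAN is never reported."""
    hits = []
    for label, rx in (("track1", TRACK1), ("track2", TRACK2)):
        for m in rx.finditer(text):
            pan = m.group(1)
            if luhn_ok(pan):
                hits.append((label, pan[:6] + "*" * (len(pan) - 10) + pan[-4:]))
    return hits

def sweep(root: str) -> list:
    """Walk root; report suspicious binary names and dump files holding track data."""
    findings = []
    for folder, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(folder, name)
            if BINARY_NAMES.match(name):
                findings.append(("binary-name", path, None))
            elif name.lower() in DUMP_NAMES:
                with open(path, "r", errors="replace") as fh:
                    for hit in find_track_data(fh.read()):
                        findings.append(("track-dump", path, hit))
    return findings

if __name__ == "__main__":
    # Constructed sample record (test card number), not data from a real incident.
    print(find_track_data("%B4111111111111111^DOE/JOHN^25121010000?;4111111111111111=25121010000?"))
```

Any "track-dump" finding means cleartext cardholder data is sitting on disk and should be handled as an incident regardless of which program wrote it.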
Keeping Your Business Safe from Troj/Trackr-Gen
Because Troj/Trackr-Gen first gained widespread notice in late November of 2011, SpywareRemove.com malware experts particularly recommend that you update your anti-malware software if your threat databases are notably older than that date. In addition to the standard forms of security precautions that should be in use with any PoS computer, you may also wish to guard against Troj/Trackr-Gen attacks by:
- Avoiding widespread web-surfing activities on PoS computers, especially with regard to sites that utilize questionable Flash or JavaScript functions.
- Avoiding file downloads (including e-mail file attachments) that are from unusual or suspicious sources.
- Keeping all your software, including your browser, e-mail client and operating system, up to date to reduce the presence of security holes that can be exploited by Troj/Trackr-Gen and other forms of PC threats.