WORM_ZBOT.GJ
Posted: June 12, 2013
| Threat Level: | 2/10 |
|---|---|
| Infected PCs: | 25 |
| First Seen: | June 12, 2013 |
| OS(es) Affected: | Windows |
WORM_ZBOT.GJ is a new variant of the notorious Zeus (Zbot) Trojan, notable for its added ability to distribute copies of itself through removable devices (such as USB flash drives or writable DVDs). Apart from this new means of moving from computer to computer, WORM_ZBOT.GJ appears to include all of the basic attacks Zeus is known for, with the primary design goals of disabling the infected computer's security and stealing confidential information through generally applicable attacks such as keylogging and capturing screenshots. SpywareRemove.com malware researchers warn that, as a sophisticated PC threat with advanced and regularly updated defenses, WORM_ZBOT.GJ is difficult both to detect and to remove, and that highly competent anti-malware products should be used to delete WORM_ZBOT.GJ (including any copies it places on removable drives).
When Worms Hybridize with Spyware
Even in past versions, Zeus already had an ample feature set of spyware attacks, backdoor Trojan attacks and even (in some cases) rootkit functionality to enable its misdeeds of infecting PCs, compromising their security and making off with any information it could grab. WORM_ZBOT.GJ represents a new step in the regularly-updated Zeus platform, with the unusual addition of self-copying functions. These self-copying or 'worm' functions allow WORM_ZBOT.GJ to place additional copies of itself into USB flash drives, CDs, DVDs and similar devices. Other computers that use these devices may then be infected by WORM_ZBOT.GJ.
This function, while unusual for Zeus, is not particularly novel for malware overall. SpywareRemove.com malware analysts also have seen many other PC threats with worm functions, but this is one of the few times where a well-developed Trojan was updated to include this feature despite lacking it in all previous versions. PC threats like WORM_ZBOT.GJ that are classified as worms can encompass everything from low to high-level PC threats, with major attacks usually related to stealing account login information, Bitcoin mining (using your PC's resources to generate Bitcoin currency) or compromising the security of systems targeted in specific industries. WORM_ZBOT.GJ, like all versions of Zeus, also includes backdoor attacks that can allow criminals to control your computer remotely.
Its distribution and anti-security features all exist as enablers for WORM_ZBOT.GJ's main attacks, which are oriented around stealing information from your keyboard, monitor display, web browser cookies and other sources. SpywareRemove.com malware analysts warn that WORM_ZBOT.GJ's functions are thorough enough to compromise a wide variety of information, even though most Zeus attacks are infamous for specifically stealing account data for bank websites.
The Perfect Pesticide When You've Got WORM_ZBOT.GJ Problems
All versions of Zeus are high-level threats to your computer's privacy and security, and uninstalling them requires PC security experts with extensive experience and/or robust anti-malware programs. While SpywareRemove.com malware experts usually find most worms to be somewhat less dangerous than this, WORM_ZBOT.GJ is considered no slacker in living up to the legacy of past versions of the Zeus campaign. Because of WORM_ZBOT.GJ's worm functions, a new caveat applies to any disinfection process: anti-malware scans should also cover any removable devices that have been exposed to a WORM_ZBOT.GJ-infected PC, since chances are high that they will also have become infected.
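To support the removable-device check described above, here is an added example (not part of the original article and not SpyHunter tooling) that inventories every Windows executable on a mounted drive by file header rather than by extension, with a SHA-256 for each so the files can be submitted to an anti-malware product. The function names are hypothetical, and the script only lists candidates for scanning; it does not identify WORM_ZBOT.GJ itself.

```python
import hashlib
import struct
import sys
from pathlib import Path


def is_pe(path: Path) -> bool:
    """True if the file has a DOS 'MZ' header whose e_lfanew points at 'PE\\0\\0'."""
    try:
        with path.open("rb") as fh:
            dos = fh.read(64)
            if len(dos) < 64 or dos[:2] != b"MZ":
                return False
            (e_lfanew,) = struct.unpack_from("<I", dos, 0x3C)
            fh.seek(e_lfanew)
            return fh.read(4) == b"PE\0\0"
    except OSError:
        return False  # unreadable file: skip it rather than abort the sweep


def sha256_of(path: Path) -> str:
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()


def inventory_executables(drive_root: str) -> list[dict]:
    """List every PE file under drive_root, whatever its extension, with its SHA-256."""
    findings = []
    for path in sorted(Path(drive_root).rglob("*")):
        if path.is_file() and is_pe(path):
            findings.append({
                "path": str(path.relative_to(drive_root)),
                "size": path.stat().st_size,
                "sha256": sha256_of(path),
            })
    return findings


if __name__ == "__main__":
    # Assumed usage: pass the mount point or drive letter of the exposed device.
    if len(sys.argv) != 2:
        sys.exit("usage: python inventory.py <drive root, e.g. E:\\>")
    for item in inventory_executables(sys.argv[1]):
        print(f'{item["sha256"]}  {item["size"]:>10}  {item["path"]}')
```

Run it from a known-clean machine with autoplay disabled, and treat any executable you did not put on the device yourself as a candidate for a full scan.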
Other than the obvious means of infection via a removable device, WORM_ZBOT.GJ can also spread through other methods, just like all past versions of Zeus. Some of the most visible ones noted by SpywareRemove.com malware experts include drive-by downloads from malicious sites (usually enabled by an instance of the Blackhole Exploit Kit), Trojan droppers included in spam e-mail messages and Facebook spam links.