Security experts from MicroWorld Technologies inform that “Trojan-Clicker.Win32.Qhost.v’ is a new variant of the Trojan-Clicker series. This malware spreads via email attachments targeting DNS servers to redirect web traffic towards specific websites.
By exploiting vulnerabilities in the Internet Explorer and Internet Connectivity components of Windows, “Qhost.v’ reroutes victim’s machines to pre-decided websites and other online resources. It provides necessary commands to the browser or overwrites system files where standard web addresses are stored.
Trojan clickers are used for many nefarious purposes causing varying degrees of malice and destruction to the victim.
By infecting a large number of PCs they can raise the hit count of specific URLs while stripping of user’s basic right to access websites of one’s choice and purpose. In an organization this can obtrude business continuity and create chaos by affecting web traffic.
“Qhost.v’ can also launch “Denial of Service’ attacks on specific servers. “DoS’ is a form of online blackmailing and extortion where they inundate Web Servers or Mail Servers with a flood of requests to bring an organization to its knees.
But the most dangerous use of Trojan Clickers come to play in redirecting users to dangerous websites that can infect computers with Trojans, Worms and Script Viruses via browser vulnerabilities.
“A Trojan Clicker is a conduit for Trojans and Worms other than being a malice in itself. Like the Trojan Dropper variety that we detected earlier, this breed too paves way for more attacks of many different kinds. The worst part of this variety is that it hijacks your browser and does not require voluntary participation from users to further infect computers with more malice,” observes Govind Rammurthy, CEO, MicroWorld Technologies.
Of all online threats, Trojans are identified to be one of the fastest evolving breed, apparently conspicuous in “Qhost.v’s capacity to hijack total Internet activity against the will of users. PSW Trojans, Trojan Droppers, Trojan Proxies, Trojan Spies and Trojan Notifiers are some of the emerging types with specific targets and modes of operation. MicroWorld Technologies has constituted a special team of experts researching upon new and emerging Trojans and their methods of proliferation.
“Imagine a situation where phishing gangs employ Trojan Clickers to redirect users towards fake, look-alike websites, even while users key in authentic URLs. In such a scenario, users will be caught completely unawares of the fact they are giving away their personal information to online criminals,” points out Govind Rammurthy. “Online transactions can only be safe when you are absolutely sure that even the last strain of malware is flushed out of your system. That’s why our products “eScan’ and “MailScan’ pull no stops at ensuring a totally virus free environment.”