Remove Varenyky Trojan (Spambot) and Stop Sextortion

Varenyky is a dangerous Trojan with spyware functionality that also operates as a spambot. Security researchers believe that the Varenyky spambot is currently under heavy development, meaning that it is going to evolve. At the heart of the Varenyky spambot operation is sextortion. The Trojan is designed to steal passwords and to spy on victims' screens via FFmpeg when they watch adult content.

Varenyky also communicates with its command and control server via Tor, and the spam that activates the operation is sent via email.

Threat Summary

Name: Varenyky
Type: Trojan, Spambot
Short Description: Varenyky is a Trojan and a spambot that is currently distributed via phishing and spam emails.
Symptoms: Victims may not experience any apparent symptoms of infection.
Distribution Method: Spam emails and phishing.

Varenyky Trojan and Spambot – Distribution Methods

According to WeLiveSecurity researchers, the Varenyky Trojan is currently targeting France, and more specifically, the users of Orange S.A., a French ISP. The main distribution channel of the spambot is phishing emails. The researchers came across a spam campaign that redirected to a survey and a bogus smartphone promotion. However, another campaign relies on sextortion principles and spies on the victim's screen while they are visiting adult websites.

One of the malicious documents distributing Varenyky arrives as an email attachment, and the email states that a bill of €491.27 is available. Upon opening the supposed bill, the victim is told that the document is protected by Microsoft Word and needs human verification. In other words, the victim is prompted to enable macros.

It is curious to note that the macro detected in this Word document is using the function Application.LanguageSettings.LanguageID() to obtain the language ID of the victim’s computer.

"This ID contains the country and the language set by the user. The script checks if the value returned is 1036 in decimal (or 0x40C in hexadecimal) and according to the Microsoft documentation this value corresponds to France and the French language,” WeLiveSecurity researchers explained.


Varenyky Trojan – Technical Overview

As already mentioned, the Varenyky Trojan is currently targeting French victims via fake invoices in the form of Microsoft Word documents that prompt them to enable macros. When the potential victim opens the document and the macro is executed, the operation makes sure that the user is indeed French. If the victim is of another nationality, the malware operation ceases. If the French origin is confirmed, the malware communicates with its command and control server to determine which components to download. Varenyky also installs a piece of software that steals passwords and spies on victims via FFmpeg when they are watching pornographic content online.
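The language-ID check the macro performs can be looked for during static triage of a suspicious document. The following is an added example, not code from the article or from the researchers; it assumes the macro source has already been extracted to text, and the sample macro and the name `find_locale_gates` are constructed for illustration.

```python
import re

# A few Windows language IDs for readable output; 1036 (0x40C) is the one quoted in the article.
LCID_NAMES = {1031: "de-DE", 1033: "en-US", 1036: "fr-FR", 1040: "it-IT"}

_LANGID = r"LanguageSettings\s*\.\s*LanguageID"
_CALL = re.compile(_LANGID, re.I)
# `name = ...LanguageSettings.LanguageID(...)`: remember the variable that holds the ID.
_ASSIGN = re.compile(r"^\s*(\w+)\s*=\s*.*" + _LANGID, re.I)
# Comparison against a VBA literal on the right-hand side: decimal or &H-prefixed hex.
_CMP = re.compile(r"(?:<>|=)\s*(&H[0-9A-F]+|\d+)\b", re.I)


def _to_int(lit):
    return int(lit[2:], 16) if lit.upper().startswith("&H") else int(lit)


def find_locale_gates(vba_source):
    """Return (line_no, language_id, locale) for each comparison of LanguageID to a constant."""
    hits, tracked = [], set()
    for no, raw in enumerate(vba_source.splitlines(), 1):
        line = raw.split("'", 1)[0]  # strip VBA comments (naive: ignores quotes in strings)
        m = _ASSIGN.match(line)
        if m:
            tracked.add(m.group(1).lower())
            continue
        uses_var = any(re.search(rf"\b{re.escape(v)}\b", line, re.I) for v in tracked)
        if not (_CALL.search(line) or uses_var):
            continue
        for lit in _CMP.findall(line):
            value = _to_int(lit)
            if 0x0401 <= value <= 0xFFFF:  # skip small constants that are not full language IDs
                hits.append((no, value, LCID_NAMES.get(value, "unknown")))
    return hits


# Constructed sample macro modelled on the check described above; not the real document.
SAMPLE_MACRO = """Sub AutoOpen()
    Dim lang As Long
    lang = Application.LanguageSettings.LanguageID(msoLanguageIDUI)
    If lang <> &H40C Then Exit Sub
End Sub
Sub Document_Open()
    If Application.LanguageSettings.LanguageID(2) <> 1036 Then Exit Sub
End Sub
"""

if __name__ == "__main__":
    print(find_locale_gates(SAMPLE_MACRO))
```

A hit on its own is not proof of malice, but a document macro that exits unless the UI language matches one specific locale is a strong reason to detonate the sample in a sandbox configured for that locale.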

The Varenyky Trojan can also detect specific "trigger" keywords of a sexual nature as well as websites (such as YouPorn, PornHub, and Brazzers). When any of these keywords is caught, the malware records the computer's screen via an FFmpeg executable. The recorded content is then sent to the command and control server. Obviously, the reason for recording the victim's screen under these specific circumstances is sextortion and blackmail. It is also highly possible that Varenyky will be used in highly targeted campaigns.
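For detection, the recording step described above leaves a process-creation trail. This added example (not from the original article) scores constructed Sysmon-style events; it assumes the recorder is started with FFmpeg's documented Windows desktop-capture input (`gdigrab`), which the article does not confirm, and all paths, process names and the scoring threshold are hypothetical.

```python
import ntpath
import re

# Assumption: the article does not give the recorder's command line, so this rule keys on
# FFmpeg's Windows desktop-capture input (gdigrab), whatever the binary is called.
_SCREEN_GRAB = re.compile(r"-f\s+gdigrab\b.*?-i\s+(?:desktop|title=)", re.I)
_USER_WRITABLE = re.compile(r"\\(?:appdata|temp|programdata)\\", re.I)
_INTERACTIVE_PARENTS = {"explorer.exe", "cmd.exe", "powershell.exe"}


def reasons_for(event):
    """List why a process-creation event looks like unattended screen recording."""
    if not _SCREEN_GRAB.search(event["CommandLine"]):
        return []
    reasons = ["screen-capture arguments"]
    if ntpath.basename(event["Image"]).lower() != "ffmpeg.exe":
        reasons.append("renamed binary")
    if _USER_WRITABLE.search(event["Image"]):
        reasons.append("image in user-writable path")
    if ntpath.basename(event["ParentImage"]).lower() not in _INTERACTIVE_PARENTS:
        reasons.append("non-interactive parent")
    return reasons


def triage(events, threshold=2):
    """Return (ProcessId, reasons) for events with at least `threshold` reasons."""
    flagged = []
    for ev in events:
        why = reasons_for(ev)
        if len(why) >= threshold:
            flagged.append((ev["ProcessId"], why))
    return flagged


# Constructed records using Sysmon Event ID 1 field names; paths and users are made up.
SAMPLE_EVENTS = [
    {"ProcessId": 4100, "Image": r"C:\Program Files\ffmpeg\bin\ffmpeg.exe",
     "CommandLine": "ffmpeg -i talk.mkv -c:v libx264 talk.mp4",
     "ParentImage": r"C:\Windows\System32\cmd.exe"},
    {"ProcessId": 5200, "Image": r"C:\Program Files\ffmpeg\bin\ffmpeg.exe",
     "CommandLine": "ffmpeg -f gdigrab -framerate 30 -i desktop demo.mp4",
     "ParentImage": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"},
    {"ProcessId": 6300, "Image": r"C:\Users\alice\AppData\Roaming\svc\fm.exe",
     "CommandLine": r"fm.exe -f gdigrab -framerate 5 -i desktop C:\Users\alice\AppData\Local\Temp\c.mp4",
     "ParentImage": r"C:\Users\alice\AppData\Roaming\svc\host.exe"},
]

if __name__ == "__main__":
    print(triage(SAMPLE_EVENTS))
```

Only the third record is flagged: a user deliberately recording their desktop from a shell matches the capture arguments but none of the other conditions.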

Remove Varenyky Trojan

If your computer system got infected with the Varenyky Trojan, you should have some experience in removing malware. You should get rid of this Trojan as quickly as possible before it gets the chance to spread further and infect other computers. Consider removing the Trojan immediately, and follow the step-by-step instructions available below.


To remove Varenyky, follow these steps:

1. Boot Your PC In Safe Mode to isolate and remove Varenyky files and objects
2. Find files created by Varenyky on your PC

Use SpyHunter to scan for malware and unwanted programs

3. Scan for malware and unwanted programs with the SpyHunter Anti-Malware tool
Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum for 4 years. Enjoys 'Mr. Robot' and fears '1984'. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles!
