Trojan.Swort Spreading via MERS-themed Malicious Emails - How to, Technology and PC Security Forum |

Trojan.Swort Spreading via MERS-themed Malicious Emails

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)

Symantec has discovered a new attack of the Trojan.Swort, spread via MERS-themed emails. MERS stands for Middle East Respiratory Syndrome – a respiratory virus that is new to humans. The exploitation of the MERS theme is likely provoked by the recent increase of cases in South Korea. Taking advantage of viral outbreaks is not new to attackers. A similar email campaign ‘inspired’ by the Ebola virus was spotted last year.

Download a System Scanner, to See If Your System Has Been Affected By Trojan.Swort.

Symantec Report on Trojan.Swort


Trojan.Swort is a Trojan horse with a low risk level. It has been discovered on October 24, 2014, and is recently revived in the MERS-theme malicious email campaign. As stated by Symantec, Trojan.Swort must be executed manually. After its execution, the threat downloads arbitrary code and compromises the system’s security. Trojan.Swort affects the following Windows versions:

→Windows 2000, Windows 7, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows Server 2008, Windows Vista, Windows XP

Specifications of the MERS-themed Malicious Email Campaign

As already mentioned, the dangerous virus has immersed in South Korea. More than 100 people have been contaminated, and an additional 2,000 patients have been put under quarantine.

Just recently, Symantec has gathered a malevolent sample from external sources, discovering that the threat has been spreading via emails. The file itself is an .exe file that imitates a Microsoft Word document. Interestingly enough, the file name is written in Korean and is translated as it follows:

→“MERS_List of hospital and infected patient.docx.exe”

Fortunately, the campaign is far from sophisticated and is a simple Trojan downloader known as Trojan.Swort. Symantec researchers have reported that the configured remote host is not responsive. Similar attacks may reoccur since the MERS threat is rapidly becoming a global problem, currently affecting Asian countries.

Trojan.Swort Removal Options

Security researchers remind users to be very careful when opening emails from unknown sources. Frequently updating the anti-malware solution is a crucial safety tip. In case users want to be sure that their computers have not been affected by Trojan.Swort, running a full system scan is highly recommended.

Spy Hunter scanner will only detect the threat. If you want the threat to be automatically removed, you need to purchase the full version of the anti-malware tool.Find Out More About SpyHunter Anti-Malware Tool / How to Uninstall SpyHunter

1. Start Your PC in Safe Mode to Remove Trojan.Swort
2. Remove Trojan.Swort automatically with Spy Hunter Malware - Removal Tool.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum for 4 years. Enjoys ‘Mr. Robot’ and fears ‘1984’. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles!

More Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Share on Twitter Tweet
Share on Google Plus Share
Share on Linkedin Share
Share on Digg Share
Share on Reddit Share
Share on Stumbleupon Share