Key generators for several programs spread malware

Fake AV Trojans of the TROJ_GATAK family are on the rise, according to TrendMicro. The malware masquerades as key generators for widely used programs. Fake antivirus programs imitate anti-malware software in order to extract payment for detecting nonexistent threats on the victim's computer.

The program creates notifications alerting the user about viruses and also prevents the operating system from performing normally. TROJ_GATAK starts by adding an autostart registry key so that the program launches with each reboot, and downloads a payload with an image file from Sri Lanka.

TrendMicro image downloaded by TROJ_FAKEAV.SMWV

When run, the malware displays fake virus detections and asks victims to make an online payment to remove the detected viruses. Users need to be cautious and never pay for such fake alerts. Instead, if you see such a warning, it is important to restart the system in safe mode and run a security software scan with updated signatures.

