Rocra is a dangerous malware, which is used to attack specific organizations and steal valuable information from them. Typically, this information includes loggin details, passwords, documents, files and other things that could be used against the victim. The latest research shows that attackers host more than 60 domains and several server hosting locations in different countries. According to experts, most of them are located in Germany and Russia. The targeted sectors of this malware are government, various embassies, research points, trade and commerce, military, gas companies and many others.
HOW PEOPLE GET INFECTED WITH ROCRA?
Rocra is distributed by trojan horses that get inside the system via malicious emails having an infected document attached. In most of the cases, targeted victims receive emails with Word's or Excel's attachments. As soon as they open it, they download trojan, which additionally acts according to its command-and-control servers . This virus is not traditional one, so it can get not only workstations but mobile devices, enterprise networks, removable disk drives or remote servers. Be aware that Rocra is mostly spread in Russia, Ukraine and other post-soviet Eastern countries, but it has also been noticed in North America and other parts of Europe. In order to avoid this extremely dangerous malware, you must avoid opening emails from the sources you don't know.
HOW TO REMOVE ROCRA?
If you think that your computer could be infected with Rocra, you should scan your machine with updated anti-malware. We recommend using updated version of Plumbytes Anti-MalwareWebroot SecureAnywhere AntiVirus or Reimage.