It seems that today everyone is discussing about Vawtrak or Neverquest. If you have no idea what this virus can be used for and how does it spread, this article is just for you.
The main reason why we decided to write about this malware is its increased distribution rate. It is known that this virus has already affected 15 financial institutions in Canada and it seems that it is not going to stop. In addition, as some of respectable PC security sources warned several days ago, hackers have just started distributing it with a help of new techniques that haven’t been used previously. Of course, they have also filled this malware with new features making it much more dangerous than it was in the past.
So, what is Vawtrak?
According to PC security experts, Vawtrak (also known as Neverquest) is a very malicious banking trojan, which is used for trying to steal a wide range of victims’ credentials. In fact, as Jakub Kroustek from AVG anti-virus claims, it’s one of the most dangerous threats in existence because it was created for gathering personal information and stealing it without leaving traces.
This banking trojan can easily take over people’s passwords, digital certificates, browser history, and cookies. For that, Vawtrak uses a whole set of features that include such things as captured videos and/or screenshots, injected custom codes in web pages, man-in-the-middle attacks and so on. Using the Tor2Web proxy, this virus is capable of updating itself and it seems that it can easily hide these malicious download/updates by using steganography. Finally, you should know that it can easily disable antivirus software and may create a remote access to its affected machine.
At the moment of writing, Vawtrak is compatible with Internet Explorer, Mozilla Firefox, and Google Chrome. However, it doesn’t mean that it is not capable of stealing passwords from other web browsers..
How does Vawtrak spread?
According to the latest news, hackers are spreading this virus using infected spam email attachments, malicious links, malware downloaders Zemot or Chaintor and exploit kits. It has already showed up in such countries as United Kingdom, the United States, and Germany. However, it is believed that users in Australia, New Zealand, and across Europe have also been affected. The biggest number (90 percent) of computers infected with Vawtrak virus were located in Canada..
For avoiding this threat, you should think about installing reputable security software on your computer. In addition, you have to keep it up-to-date for preventing security holes. One more tip – stay away from illegal websites, delete emails from unknown parties and ignore alerts that are offering you to update your Java, Flash Player and similar programs.