Tuesday, March 12, 2013
Trojan.Hosts infects about 8,000 new computers every day
To hack websites cybercriminals use protocol FTP, connecting to resources using previously stolen usernames and passwords. Then, on the hacked site to load the command interpreter (shell) which varies with the file. Htacess, and the site has not hosted malicious script.
As a result, when entering the infected site visitor, it prints a web page that contains links to a variety of malicious applications. In particular, so recently begun to be widely distributed family of Trojans Trojan.Hosts.
It should be noted that the Trojans this family spread by hackers are not just using the hacked sites. Was organized and the work of several affiliate programs through which cybercriminals are paid remuneration for profit from the victim Trojan.Hosts. Thus, these Trojans can get on the computers of potential victims in other ways - for example, using backdoors and Trojan downloaders.
Recall that the main purpose of malware families Trojan.Hosts - file modification hosts, located in the Windows system folder and is responsible for network address translation sites. As a result of malicious actions when trying to go to one of the most popular online resources the user of the infected computer to the attacker is redirected to a web page.
The magnitude of this threat in early 2013, took almost an epidemic. Thus, the peak spread Trojans Trojan.Hosts was in January and the middle of February, when daily on users' computers recorded about 9500 cases of infection with malware that family. In early March, the number of infected workstations was slightly reduced - for example, for a day on March 11 was found only 7658 cases (the number is calculated by the number of cases reported by the Trojan changes the contents of the hosts file on the infected computer.)