Defend what you create

Other Resources

Close

Library
My library

+ Add to library

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

Your tickets

Profile

Back to news

New Trojan.Mods mines bitcoins

December 24, 2013

Russian anti-virus company Doctor Web is warning users about a new Trojan.Mods modification that has been dubbed Trojan.Mods.10. This Trojan's authors followed the major trend of December 2013 and added a bitcoin miner to the set of Trojan.Mods.10’s features.

You may recall that Trojan.Mods programs were found in large numbers in the wild in spring 2013 and were primarily designed to intercept browsers' DNS queries and redirect users to malignant sites. As a result, instead of the requested sites, users end up on fraudulent pages whose URLs in the browser address bar appear to be official, so victims may not immediately recognize the fraud.

screenshot

Previous versions of Trojan.Mods injected malicious code into processes of Microsoft Internet Explorer, Mozilla Firefox, Opera, Safari, Google Chrome, Chromium, Mail.Ru Internet, Yandeks.Browser, and Rambler Nichrome, while the Trojan.Mods injects its code into explorer.exe, which then searches for running browser processes and also attempts to inject malignant code into them. Previously, this code was implemented as a separate dynamic library.

Furthermore, Trojan.Mods.10 contains a module designed to mine bitcoins, which coincides with the recent major trend—it is the third mining Trojan discovered by Doctor Web in December 2013.

The signatures of the threats described above have been added to the Dr.Web virus database and therefore the Trojans pose no danger to computers protected with Dr.Web anti-virus software.

Tell us what you think

You will be awarded one Dr.Webling per comment. To ask Doctor Web’s site administration about a news item, enter @admin at the beginning of your comment. If your question is for the author of one of the comments, put @ before their names.


Other comments

The Russian developer of Dr.Web anti-viruses

Doctor Web has been developing anti-virus software since 1992

Dr.Web is trusted by users around the world in 200+ countries

The company has delivered an anti-virus as a service since 2007

24/7 tech support

© Doctor Web
2003 — 2019

Doctor Web is the Russian developer of Dr.Web anti-virus software. Dr.Web anti-virus software has been developed since 1992.

2-12А, 3rd street Yamskogo polya, Moscow, Russia, 125040