Metamorfo Trojan Virus uses Avast utility to evade detection
The metamorfo virus is a Trojan that masquerades as an Adobe Reader update. The virus mimics a normal Adobe Reader update and hijacks a normal Avast utility to evade detection. It then downloads additional components to the compromised machine.
The malicious files have the ability to steal user information by accessing computer name and logging keystrokes. It can connect to a remote server to upload information as well as make the compromised system available to remote commands.
Now is a great time to make sure all your antivirus and firewalls are up to date. There are many ways to deter this form of attack:
- Update antivirus scanners on each machine (desktop and scanner).
- Update or implement Antivirus on your firewall/router.
- Implement egress filtering to prevent sensitive data from being transmitted to remote servers.
If you have any questions, please feel free to contact us.
Technical Article on Sonicwall.com: https://securitynews.sonicwall.com/xmlpost/metamorfo-banking-trojan-spotted-using-avast-utility/