• Home
  • News
  • Metamorfo Trojan Virus uses Avast utility to evade detection

Metamorfo Trojan Virus uses Avast utility to evade detection

The metamorfo virus is a Trojan that masquerades as an Adobe Reader update.  The virus mimics a normal Adobe Reader update and hijacks a normal Avast utility to evade detection.  It then downloads additional components to the compromised machine.

 

The malicious files have the ability to steal user information by accessing computer name and logging keystrokes.  It can connect to a remote server to upload information as well as make the compromised system available to remote commands.

Now is a great time to make sure all your antivirus and firewalls are up to date.  There are many ways to deter this form of attack:

  1. Update antivirus scanners on each machine (desktop and scanner).
  2. Update or implement Antivirus on your firewall/router.
  3. Implement egress filtering to prevent sensitive data from being transmitted to remote servers.

If you have any questions, please feel free to contact us.

@ONOInTheCloud @CompDocSFL

Technical Article on Sonicwall.com: https://securitynews.sonicwall.com/xmlpost/metamorfo-banking-trojan-spotted-using-avast-utility/

Cloud Platform

Using Office Network Online's Cloud Platform, you will have all your technology and support needs taken care of for you. We'll handle all the tech stuff, you focus on your business.

Cloud Archive

Businesses of all sizes are archiving their data to the Office Network Online Cloud in order to reduce costs while taking advantage of highly secure, highly durable, and simple cloud based storage services.

Server Virtualization

Do you already have IT staff and infrastructure in place but still want to take advantage of the cloud? Server virtualization is the next step. Let us take the cost and complexity out of virtualizing your servers.