HackRead
Windows Registry now Providing Shelter to Destructive Kovter Malware

September 30th, 2015 | Waqas | Malware, Microsoft, Security

The Kovter Trojan can hide in the Windows registry and does not need to be stored on the computer’s hard drive, claims Symantec. Research reveals that Kovter’s security-evading feature is akin to that of the Poweliks malware.

The malware was first discovered in 2013. Symantec’s researchers detected version 2.0.3 of the malware in May 2015. It happens to be the most updated and advanced of all the malware families currently violating your privacy.

The malware has changed its MO continuously and is capable of adapting to the latest hacking campaigns. It is so advanced that it can easily dodge the security measures implemented to remove it.

Symantec states that the malware has borrowed security evasion mechanisms from Poweliks because it also hides in the registry of the PC.

What is Windows Registry?

It is a feature found only in the Microsoft Windows OS.

It is a database of all sorts of data on your computer, such as user profiles, installed software and hardware, and other settings that the user regularly uses.

When Kovter hides in the registry, the infection lasts longer on the machine and also serves as a gateway for other more damaging malware.
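One way a defender could hunt for this kind of registry-resident startup entry, as an added example that is not from Symantec or the original article: it parses `reg query` output for an autorun key and flags values that launch a script interpreter with inline code instead of a file on disk. The Run key location, the interpreter watch list, the length threshold and the sample output are assumptions constructed for illustration.

```python
import re

# Interpreters that can run code passed on the command line, so an autorun
# entry can execute without a payload file on disk (assumed watch list).
SCRIPT_HOSTS = ("mshta", "powershell", "wscript", "cscript", "rundll32", "regsvr32")
INLINE_MARKERS = ("javascript:", "vbscript:", "-enc", "frombase64string")
MAX_SANE_LENGTH = 260  # assumed threshold: normal entries are a path plus a few switches

# `reg query` prints each value as: 4 spaces, name, 4 spaces, type, 4 spaces, data
VALUE_LINE = re.compile(r"^ {4}(?P<name>.*?) {4}(?P<type>REG_[A-Z_]+) {4}(?P<data>.*)$")

# Constructed sample output (not taken from a real infection).
SAMPLE = r'''
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    OneDrive    REG_SZ    "C:\Users\alice\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
    a8f3c1    REG_SZ    mshta "javascript:PLACEHOLDER_INLINE_SCRIPT"
'''

def parse_reg_query(text):
    """Yield (key, value_name, data) for every value line in `reg query` output."""
    key = None
    for line in text.splitlines():
        if line.startswith("HKEY_"):
            key = line.strip()
            continue
        m = VALUE_LINE.match(line)
        if m and key:
            yield key, m.group("name"), m.group("data")

def reasons(name, data):
    """Return the heuristics that an autorun value trips (empty list = looks normal)."""
    low = data.lower()
    hits = []
    host = next((h for h in SCRIPT_HOSTS if re.search(rf"\b{h}(\.exe)?\b", low)), None)
    if host and any(marker in low for marker in INLINE_MARKERS):
        hits.append(f"{host} with inline script")
    if len(data) > MAX_SANE_LENGTH:
        hits.append("unusually long command")
    if any(not ch.isprintable() for ch in name):
        hits.append("non-printable value name")
    return hits

def scan(text):
    """Return (key, value_name, reasons) for each suspicious autorun value."""
    return [(k, n, r) for k, n, d in parse_reg_query(text) if (r := reasons(n, d))]

if __name__ == "__main__":
    for key, name, why in scan(SAMPLE):
        print(f"{key}\\{name}: {', '.join(why)}")
```

A hit is a lead for triage, not a verdict: legitimate software occasionally registers script-host launchers, so confirm against a known-good baseline for the host.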

Kovter – A Facilitator of Click Fraud?

Kovter is equipped with powerful stealth features and is widely used for committing click fraud. Previous versions of Kovter went hand in hand with ransomware. However, Symantec states that the newly discovered version focuses solely on click fraud.

How is Kovter Distributed?

As far as its method of penetrating computers is concerned, Symantec states that hackers/attackers distribute this version primarily through MS Word file attachments in spam email and malvertising campaigns. 

Numerous exploit kits such as the Angler, Sweet Orange, Nuclear, Neutrino, etc., have been used to distribute this malware as well.

According to Symantec analysis, Kovter has affected 56% users in the US, 10% in the UK, 9% in Canada, 8% in Germany and 2% in Australia.

Researchers predict that

“The Kovter malware family has continually evolved since it was first discovered and shows no signs of leaving the threat landscape anytime soon.”

Symantec has also released a removal tool called Trojan.Kovter to help users get rid of this malware. It is a free download.

Kovter malware was also found updating the Flash plugin to the latest version. The same malware was also found in the Yahoo ad network hack, which infected millions of devices with ransomware.

Source: Symantec (http://www.symantec.com/connect/blogs/kovter-malware-learns-poweliks-persistent-fileless-registry-update)
