Terdot banking Trojan was first noticed in mid-2016. It was concluded to have been based on Zeus Trojan which was also focused on stealing users’ banking account details. It functions as a proxy to initiate man-in-the-middle attacks. In addition to this, it steals information about browsing habits and login credentials.
While this might have been assumed as the main and only goal of this Trojan, its authors proved that they have decided to be even more intrusive. Terdot Trojan can now hack into users social media and emailing accounts, leaving very little personal space for poor victims. This extreme invasion of privacy is achieved through a man-in-the-middle attack which allows the infection to obstruct any traffic.
Before being fully functional, Terdot Trojan slips into browser process and manages all connections through its Web proxy. Additionally, it will be able to control traffic and install more malicious programs.
At the beginning, Terdot Trojan was mostly targeting Canadian banks and reached operating systems through the Sundown exploit kit or malspam. With the new approach involved, it can target basically any person and invade his/her privacy. People should be careful with their social networks like Facebook, Twitter, Youtube, and multiple Google’s services like Gmail or Google Plus.
It could be the that the improved Terdot Trojan will be distributed via fake posts on social networking sites. Therefore, be extremely careful not to open any potentially disturbing content. With the new capabilities. Terdot should be feared and avoided. If you are worried about becoming compromised by this Trojan, please run regular scans with the anti-malware tool you have installed.
Security researchers have discovered that are the most targeted by the Terdot Trojan. The top-five targeted countries: Australia, United Kingdom, United States, Germany, India. Lower in the list we see Bangladesh, Philippines, China, Malaysia, Romania and many other countries.
In case you were considering the possible options for the malware removal, we can enlist a few recommendations. First of all, do not open email letters from unknown sources. Even if you do open them, remember to treat file attachments extremely carefully. It could be that the file is highly malicious. For instance, it could bring a Terdot banking Trojan.
Source: labs.bitdefender.com.
