Trojan disguised as a browser that clicks on Internet ads – Interia

Cybercriminals use all possible ways to illegal earnings on the Internet. Experts from Doctor Web pointed out that in addition to their use of traditional methods, such as spreading viruses or phishing confidential information, all the while there are also new risks. Such unusual malware is Trojan.Click3.9243, which aims, among others, artificially generate clicks on Internet ads.

Trojan.Click3.9243 can click on ads” for us “- without our knowledge

/ press releases

Cyber ​​criminals once again ambushed Facebook users . This time foraging on the suicide death of actor Robin Williams. Experts from the antivirus company ESET warn that the alleged video of the last farewell to the actor is another scam where cyber criminals earn. read more

This type of Internet fraud involves forcing the user visits certain websites and unknowingly clicking on advertisements contained on them. Offences of this type make it easy for cybercriminals to generate income within the system of pay-per-click. This practice is also often used by website owners who thus generate clicks on the banners of their competitors. Thereby increasing their spending on advertising, if, for example. A campaign was planned for a specific number of impressions or clicks. One program that enables this type of fraud is discovered by specialists from the company Doctor Web, Trojan.Click3.9243.

This Trojan is distributed as a popular program Installmonster (also known as Zipmonster), known to those skilled security as a tool, which is often used by virus writers. This Trojan is hiding in the form of a web browser Ad Expert Browser. License Agreement browser indicating that the tool can sometimes run ads while surfing the internet, but in fact the real purpose of the Trojan is completely different. After running on the infected computer it creates hidden Windows desktop and runs many processes that are used by Trojan.Click3.9243 to load different websites and start clicking on the ads. It is worth mentioning that the Trojan tries to mimic the behavior of a real person: scroll web pages, mimics the movement of the mouse cursor and starts the videos using the built-in codecs after having turned off the sound, to minimize the risk of diagnosis by a real user. During the action is malicious software that sends criminals to the list of running processes and estimated the degree of CPU load.

After analyzing the signature of this Trojan, analysts have come to the conclusion that the creators Trojan.Click3.9243 may be those criminals who are responsible for malware Trojan.Zadved.1.

experts. safety Doctor Web recommends refraining from installing programs from suspicious sites and the use of anti-virus software with the current signature database.