English
Russian
Japanese
LatAm
Türkiye
Brasil
France
Český
Deutschland
Net-Worm.Win32.Aspxor
| Detect Date | 04/18/2016 | |||||||||||||||||||||||||||||||||
| Class | Net-Worm | |||||||||||||||||||||||||||||||||
| Platform | Win32 | |||||||||||||||||||||||||||||||||
| Description |
This malware family is related to the Asprox botnet. These worms can send spam, download and run programs specified by the cybercriminal, and collect the personal data of the user of an infected computer (such as saved passwords and email and FTP credentials). Malware of this family is spread via spam. It may also propagate by searching for vulnerable websites hosted with ASP (Active Server Pages) on Microsoft IIS (Internet Information Server) servers. SQL injection is used to insert redirection code into pages on these websites (in an iframe object). When a user visits the hacked website, the inserted code redirects the user’s browser to a series of low-level domains containing malicious JavaScript code. In the process of this redirection the browser ultimately opens a website containing an exploit tailored to a vulnerability in a particular browser or operating system. This code causes the browser to automatically download a copy of Net-Worm.Win32.Aspxor malware to the user’s computer. Top 10 countries with most attacked users (% of total attacks)
* Percentage among all unique Kaspersky users worldwide who were attacked by this malware |
|||||||||||||||||||||||||||||||||
| Find out the statistics of the threats spreading in your region |