Ramnit is one of the most dangerous threats active today. It is a form of malware combined with social engineering, which is why a user can fall victim to it very easily. It usually infects .exe, .dll and .html files and also steals banking and financial information.
It is a multi-component malware that spreads through removable devices such as USB flash drives and stays dormant until a user logs into his account.
It opens a backdoor that makes it easy for remote attackers to access your system and make changes as they wish.
It makes damaging changes to your computer that make it difficult to install OS updates, security software or anti-malware programs.
It steals browser cookies.
It steals login data and saved FTP and financial credentials.
How does RAMNIT infect and work in a Windows system?
When a user logs into his online bank account, RAMNIT injects itself into the page where the user configures a phone number for a one-time password (OTP), or into any other page used to “set transfer processing system”, where it sets a temporary phone number. It then connects to the command server set up by the attacker and sends the details. The user then receives a temporary number via RAMNIT and an OTP from the bank’s server. When the user enters both, he has walked right into the trap, because he has unknowingly authorized a money transfer to the attacker’s account.
How to detect RAMNIT in your system?
You can diagnose your system with various system diagnostic tools. On an infected system the output looks like this:
“REG:system.ini: UserInit=c:\windows\system32\userinit.exe,,c:\program files\microsoft\desktoplayer.exe”
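A minimal check for the indicator above, as an added example that is not part of the original post: it parses `UserInit=` lines from a diagnostic log and reports any program listed besides `userinit.exe`. The function names, the baseline path and the second sample line are assumptions made for illustration.

```python
import ntpath
import re

# Assumed baseline: a clean system lists only this program in UserInit.
EXPECTED = r"c:\windows\system32\userinit.exe"

# Matches "UserInit=<value>" anywhere in a diagnostic log line.
LINE_RE = re.compile(r"userinit\s*=\s*(?P<value>.*)$", re.IGNORECASE)

# First line is the output quoted on this page; second is a constructed clean line.
SAMPLE_LOG = [
    r"REG:system.ini: UserInit=c:\windows\system32\userinit.exe,,c:\program files\microsoft\desktoplayer.exe",
    r"REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,",
]


def extra_userinit_entries(value, expected=EXPECTED):
    """Return every program in a UserInit value other than the expected one."""
    extras = []
    for entry in value.split(","):
        path = entry.strip().strip('"')
        if not path:
            continue  # empty slot, e.g. the ",," in the infected sample
        # Windows paths are case-insensitive, so compare normalised forms.
        if ntpath.normcase(ntpath.normpath(path)) != ntpath.normcase(expected):
            extras.append(path)
    return extras


def scan_log(lines):
    """Return (line, extras) for each log line whose UserInit has extra programs."""
    findings = []
    for line in lines:
        line = line.strip().strip("“”\"")  # drop quotes added by copy/paste
        match = LINE_RE.search(line)
        if match:
            extras = extra_userinit_entries(match.group("value"))
            if extras:
                findings.append((line, extras))
    return findings


if __name__ == "__main__":
    for line, extras in scan_log(SAMPLE_LOG):
        print("Suspicious UserInit entry:", ", ".join(extras))
```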
How to get rid of RAMNIT malware?
It is not easy to get rid of this type of malware, which makes it difficult to install a security suite, but there are several options to try.
Microsoft has many free tools that can detect and remove such threats.
Windows Defender for Windows 8 and Windows 8.1
Microsoft Security Essentials for Windows 7 and Windows Vista
Option two:
Download the eScan antivirus toolkit.
Start your PC in Safe Mode (you can get the Safe Mode option in BIOS under Boot settings).
Launch the toolkit and scan the complete hard drive.
Always use a strong password.
Use good firewall software.
Always scan removable storage media.
Perform system updates at least once a month.