Terdot Trojan, the Identity thief

11/29/2017

Trojan Terdot is based on the famous Zeus malware,  it is hazardous, it can modify, spy and monitor various of your email, social media and bank accounts.

   According to MalwareBytes, It can monitor and modify your Facebook, Twitter, YouTube, and Google Plus traffic and spy on webmail platforms like Microsoft’s live.com login page, Yahoo Mail, and Gmail.

     According to the white paper published by Bidefender, the Trojan does not only target social media and emails but also bank accounts, some of the banks are the Toronto Dominion Bank, Banque Nationale, and Scotiabank. And interestingly, the malware is specifically instructed not to gather any data from vk.com, Russia’s largest social media platform.

    The Terdot Trojan is spread by email, using infected attachments,  It uses a complex method to download and activate the malware on the targeted system,  security  Once established, it uses its own security certificate to bypass TLS restrictions and set up a man-in-the-middle (MITM) proxy.

Bogdan Botezatu, Senior e-Threat Analyst at Bitdefender, told ZDNet:

Social media accounts can be also used as a propagation mechanism once the malware is instructed to post links to downloadable copies of the malware. Additionally, the malware can also steal account login information and cookies, so its operators can hijack the social network account and re-sell access to it

Be sure not to click on email attachments you are not sure of, stay away from suspicious sites, and to make sure that you’re secure install Samsoft Security.