Home Malware Programs Malware Forshare

Forshare

Posted: December 20, 2019

Forshare is a threatening Trojan horse, which acts as a backdoor when planted on a target PC. Thanks to Forshare, the cyber crooks behind the attack are able to bypass the computer’s authentication algorithms. If planted successfully, Forshare may be used by those crooks to smuggle additional malware into the host machine.

Forshare is not a New Threat

Although Forshare first hit the headlines in May 2017, it has since been deployed in various attacks on a regular basis. One of the most recent campaigns to deliver the Forshare executable was related to the MyKings Botnet. In this attack, Forshare served as a backdoor for planting a Monero cryptominer.

As soon as the crooks start executing the Forshare Trojan, the latter modifies a couple of Registry entries to ensure that it will load during system startup. Only then does it open the backdoor to fetch additional malware from a remote server. Depending on the malware it has downloaded, Forshare may inflict countless damage to the host PC, ranging from executing commands and deleting entire user accounts to managing processes and tampering with the Registry. Last but not least, Forshare may even plant a keylogger to harvest login credentials and data.

Handling a Forshare Infection

Mitigation techniques require the usage of firewalls and reputable AV solutions. Keeping a fully patched, up-to-date system helps a lot, as well. The same goes for limiting file sharing, disabling the AutoPlay functionality, and managing admin-level access whenever possible.

Loading...