Moudour
Moudour is a RAT (Remote Access Trojan) that gives third parties extensive access to an infected PC, including functions for stealing information. Because it is built from a Trojan-construction kit, Moudour may be found in diverse circumstances with minor variations in traits such as its file names. No matter where or how you find Moudour, malware experts categorize this Trojan as a high-level threat, and removing Moudour with dependable anti-malware software is urgently recommended.
The Trojan Ghost in Your Machine
Moudour, more often known by its alias Gh0st, is a RAT used both for giving third parties control over an infected PC and for gathering sensitive information. Moudour's data-recording capabilities extend to taking screen captures, keylogging and capturing webcam input, but Moudour may also be used to issue system commands, enumerate files or download other threats. Symptoms of these functions are rarely visible, although malware experts note that, because Moudour is the product of a toolkit, its behavior may differ in individual cases.
Significant Moudour campaigns may begin through e-mail, where the original installer is a disguised Microsoft Office file carrying embedded exploits. Unprotected PCs that open these files allow Moudour, and possibly other threats such as Backdoor.ADDNEW, to be installed automatically. Although Moudour may be equally effective against the public at large, its headline-grabbing fame is largely due to its use against non-profit organizations, governmental agencies opposed to the Chinese government and various large-scale corporations. Even as long ago as 2009, over one thousand separate machines were estimated to harbor Moudour infections. In 2014, Moudour is still a more than credible threat to any PC due to the extensive attack features built into it by default.
An Exorcism for a PC with Moudour Problems
One organization known for using Moudour is Axiom, a group that has hacked websites and abused stolen e-mail addresses in campaigns targeting specifically placed victims in areas like the United States national defense and the Tibetan government. Although Axiom rotates through many types of backdoor-capable Trojans, Moudour is one of the most potent pieces of malware in its toolkit, rating equally with the PoisonIvy RAT as an immediate and all-encompassing security risk. Moudour's associated network, the so-called GhostNet, has been tied to attacks against disparate regions of the globe ranging from India to New York.
E-mail security steps, such as scanning file attachments that have not been confirmed as safe, may detect the usual entry methods exploited by the actors behind a Moudour campaign, including Axiom. Doing so is ideal, since an already-installed Moudour may show few or no symptoms of its attacks, even while allowing third parties to peruse data and modify your system files at their leisure. Although Moudour is nowhere near a new threat, its persistence shows that organizations like Axiom make the fight against threats as much about updating security tools to detect new variants of old threats as about detecting brand-new ones.