PWSteal.Fareit

Fareit is a multiple-component family of Trojans that are capable of stealing personal information and using your PC's resources to launch DDoS attacks. Unhappily, Fareit's development is ongoing, and recent analyses have led to the conclusion that Fareit also has been modified to include Bitcoin-mining functions. Such functions are capable of impacting your computer's performance heavily, but, since the inevitable slowdowns that accompany Fareit's Bitcoin-mining attacks also may allow you to detect an otherwise unnoticed Fareit infection, this downside may prove to be a double-edged sword for the criminals profiting off of Fareit attacks. However, all variants of Fareit are dangerous for your computer, and SpywareRemove.com malware analysts can't recommend a better way to get rid of Fareit than using appropriately advanced anti-malware tools to disinfect your PC.

Fareit: Forcing Your Computer to Be a Link in a Counterfeiting Chain

Previously, Fareit was most well-known for having a component devoted to stealing confidential information and a second component that was related to DDoS (Distributed-Denial-of-Service) attacks that crash websites with simulated traffic. The spyware half of Fareit, identified as PWS:Win32/Fareit, targets account login information for FTP programs like Smart FTP, as well as website account-based login info that's saved in your browser. Passwords, user names, port numbers and similar information all is compromised and transferred to criminals, who may use the stolen information to hijack your accounts.

Recent developments in a variant of Fareit have shown that criminals apparently are interested in adding extra functions onto Fareit. SpywareRemove.com malware researchers connected this new version of Fareit to a Russian erotica website that, like so many malicious sites, uses the Blackhole Exploit Kit to install Fareit without the victim's consent. If you're in the habit of visiting Russian erotica sites (or, based on attack campaigns that SpywareRemove.com malware researchers analyzed previously, any erotica websites whatsoever), the standard defenses against BEK, of course, still apply to defending your computer against the threat of a Fareit infection.

The new version of Fareit also includes Bitcoin-mining – a technical function that generates fraudulent Bitcoin currency and, in the process of doing so, using up hefty amounts of your PC's CPU, RAM and other resources. Because Bitcoin-mining is such a resource-intensive function, you may notice system slowdowns, instability in other applications and related problems that can be helpful for identifying a potential Fareit infection.

Severing Your PC from Fareit's Line of Crime

Normally, Fareit can't distribute itself, but SpywareRemove.com malware experts have seen some variants of Fareit (such as Worm:Win32/Phorpiex.M) include functions that could allow them to infect your local networks and/or your removable devices. For safety's sake, you shouldn't share any flash drives and prevent other PCs from contacting yours until you've confirmed that Fareit has been deleted.

Like similar PC threats that prefer to hide in the background, Fareit will not show any major evidence of its presence, and it should be deleted by a qualified anti-malware program. SpywareRemove.com malware experts usually suggest restarting your PC in Safe Mode before any attempt at removing Fareit, which will increase your software's chances of detecting Fareit without any interference.

Technical Details