
Trojan.Win32.Kryptik.ake

Posted: July 25, 2013

Threat Metric

Ranking: 12,336
Threat Level: 9/10
Infected PCs: 1,810
First Seen: July 25, 2013
Last Seen: October 11, 2023
OS(es) Affected: Windows

Trojan.Win32.Kryptik.ake is a Trojan dropper that installs malware (such as the infamous Zeus banking Trojan) onto your computer – usually after your browser has loaded a malicious site requesting you to install a fake Flash update. Trojan.Win32.Kryptik.ake has been distributed by at least two separate attacks thus far, both of which use spam messages themed after the recent birth of Britain's latest prince to lure in victims. These attacks are largely precipitated by e-mail spam, but may also use other means of distributing malicious links, such as social networking websites or instant messengers. Because Trojan.Win32.Kryptik.ake's payload includes high-level PC threats with sophisticated ways of evading security features, SpywareRemove.com malware experts encourage the use of powerful and updated anti-malware products for protecting your computer from Trojan.Win32.Kryptik.ake-related attacks and removing Trojan.Win32.Kryptik.ake or any malware that's installed by Trojan.Win32.Kryptik.ake.

Trojan.Win32.Kryptik.ake: Why Interest in Gifts for Royal Babies Can Lead to Your PC Accepting a 'Gift' You Don't Want

Trojan.Win32.Kryptik.ake uses a classic 'poisoned apple' approach: it is distributed through spam messages that claim to carry reports from such organizations as CNN or ScribbleLive regarding the status of the newborn prince, George Alexander Louis. Some of these are themed specifically to appeal to United States residents, such as one spam e-mail message pretending to offer an entertaining treatise on the baby gift-giving habits of US presidents. In all cases, spam messages that are intended to distribute Trojan.Win32.Kryptik.ake attacks are formatted to look like legitimate communications from the relevant organizations, including all appropriate logos and forged 'From' fields.

Once you've actually taken the bait, your browser will be redirected to the often-used fake Flash update strategy, which is enabled by none other than the infamous Blackhole Exploit Kit. This exploit kit, covered by SpywareRemove.com malware experts in a previous article, installs malicious software onto your computer by searching for software vulnerabilities – many of which can be closed by installing the appropriate security patches. This time, the payload of Blackhole (also known as Blacole) is Trojan.Win32.Kryptik.ake, a Trojan dropper that installs a variant of the banking Trojan Zeus (also known as Zbot – a Trojan that steals online banking information) and Medfos (a Trojan downloader that often hijacks your Web searches).

The Consequences of Jumping to News without Taking a Look for Danger Beforehand

Trojan.Win32.Kryptik.ake and similar Trojan droppers usually (but not always) will be configured to delete themselves after they've installed their own payloads onto your computer. This allows well-concealed malware – like Zeus, which has been known to use such advanced defenses as Master Boot Record-based rootkit attacks – to attack your PC without many, if any, symptoms that would lead you to suspect that anything is wrong. SpywareRemove.com malware researchers particularly warn that both Trojans installed by Trojan.Win32.Kryptik.ake include threat-downloading functions of their own that can allow a single Trojan.Win32.Kryptik.ake infection to spiral out of control if left unattended.

To keep the security of your PC, not to mention the privacy of your confidential information, intact, you should use anti-malware software to delete Trojan.Win32.Kryptik.ake immediately, and be prepared for automatic installation attacks that may not require your consent for downloading any of the fake Flash updates mentioned previously. Provided that all Web security features are enabled, most competent anti-malware products should be able to block these attacks and similar ones before they can infect your computer with Trojan.Win32.Kryptik.ake.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



File name: update_flash_player.exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file

Additional Information

The following messages were detected:
1. Kate and William bring home royal baby boy
2. No baby buggy will do. The president and first lady must find a special gift to honor the special relationship between the United States and the United Kingdom.
3. Washington (CNN)— What will the Obamas get the royal wee one? Sources say it’s a topic under discussion in the White House and at the State Department.
