
TROJ_ARTIEF.EDX

Posted: May 15, 2012

Threat Metric

Threat Level: 9/10
Infected PCs: 91
First Seen: May 15, 2012
OS(es) Affected: Windows

TROJ_ARTIEF.EDX is a malicious .rtf file that exploits a buffer overflow vulnerability to install a backdoor Trojan onto your computer. Because TROJ_ARTIEF.EDX also drops a safe text document and is distributed by an e-mail that claims to offer Tibet-specific advice for operating Apple products, victims of TROJ_ARTIEF.EDX attacks may fail to realize that their computers have been attacked at all. TROJ_ARTIEF.EDX spam e-mail attacks closely resemble attacks by similar Trojan droppers such as TROJ_ARTIEF.LIN, TROJ_ARTIEF.ZIGS, TROJ_SCRIPBRID.A and TROJ_PIDIEF.EGQ, all of which use comparable exploits and e-mail-based scams to encourage you to install harmful software. You can avoid both TROJ_ARTIEF.EDX attacks and similar PC threats by avoiding any contact with suspicious e-mail file attachments, and the SpywareRemove.com malware research team encourages you to scan any e-mail file with suitable anti-malware software before you download it onto your computer.

TROJ_ARTIEF.EDX – When Text Documents Attack!

Although TROJ_ARTIEF.EDX really is an .rtf file, this format is chosen not for its harmlessness but for its ability to exploit vulnerabilities in Microsoft Office and Open XML File Format Converter. In particular, the following versions of Microsoft Office are vulnerable to TROJ_ARTIEF.EDX's attack: Service Pack 3 for XP/2003, Service Pack 2 for 2007, 2010, and 2004/2008/2011 for Mac. Like similar PC threats, TROJ_ARTIEF.EDX is distributed in spam e-mail messages; in TROJ_ARTIEF.EDX's case, these messages pretend to offer advice on how to implement a newly-developed 'Input Method' for Tibetans who want to use Apple iOS 4.2 products. Because TROJ_ARTIEF.EDX arrives as an attached file, it can be avoided by deleting the e-mail message without any further interaction on your part.

If you do launch TROJ_ARTIEF.EDX, it will proceed to install a variant of the backdoor Trojan BKDR_RILER.SV that also includes the virus PE_SALITY.AC. These PC threats are designed to enable backdoor access to your computer for high-level security attacks and may also infect .exe files on your hard drive. Since the danger and sophistication of any successful TROJ_ARTIEF.EDX attack is quite high, SpywareRemove.com malware researchers suggest detecting and deleting TROJ_ARTIEF.EDX's payload with appropriately powerful anti-malware scanners. It should also be noted that TROJ_ARTIEF.EDX drops a completely safe Word document (entitled 'document.doc') to keep your eyes off of its real payload.

What You Can Do About TROJ_ARTIEF.EDX and Its Intrusive Friends

Besides infecting other files, PC threats that are installed by TROJ_ARTIEF.EDX can also insert their code into normal system processes to guarantee their clandestine and automatic operation. Due to the advanced nature of TROJ_ARTIEF.EDX's payload, manual detection or deletion of a TROJ_ARTIEF.EDX-associated PC threat is inadvisable if any other options are available. However, if your PC doesn't use a vulnerable type of word processor software (as noted earlier in this article), TROJ_ARTIEF.EDX will be unable to complete its attack even if TROJ_ARTIEF.EDX is launched. Since very similar PC threats can use different exploits, SpywareRemove.com malware experts recommend that you scan any file attachment before you attempt to download or open it.

Ignoring a successful TROJ_ARTIEF.EDX attack can have severe consequences for your computer, and, depending on the files that are infected, may even result in damage to your operating system. The primary risks that SpywareRemove.com malware researchers have associated with TROJ_ARTIEF.EDX's payload include loss of control over your computer, the possibility of other PC threats being installed, and the potential for informational theft, all of which are standard for many types of backdoor Trojans like those that TROJ_ARTIEF.EDX installs.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



File name: 1.exe
Size: 1.78 MB (1780792 bytes)
MD5: b3242d0afa13b543804ba6fc28c9346f
Detection count: 79
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: June 21, 2012

File name: %User Temp%\svchost.exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file