M86 Security Labs has reported one more Trojan that has attacked hundreds of websites so far, and you could be one of its victims. The infection is called Cridex Trojan. It attacks websites that are based on WordPress. Usually you will get infected through email attachments that contain links to hijacked websites or malware such as TrojanDownloader:Win32/Skidlo.A. It can also be installed via a drive-by infection (Exploit:JS/Blacole). One interesting thing about Cridex Trojan is that it can break a CAPTCHA test in order to email accounts.
Once installed, Cridex Trojan gets onto the C drive and starts its malicious activities. The application communicates with its C&C server through fast-flux networks, which makes the infection very difficult to identify. It looks for a live proxy in order to get access to the C&C server. Cridex Trojan seeks to collect personal information from the users of infected machines, such as banking information and social media site passwords. Cridex is able to inject code into HTML pages on websites listed in the configuration file. This enables the virus to monitor and manipulate cookies. It then sends all collected data to the C&C server, where it can be used for other malicious purposes. Cridex Trojan has been detected capturing credentials for various banking sites. Here is a list of the most common ones published on the Internet:
Remove Cridex Trojan once you get infected. Antivirus tools detect this trojan under the names Trojan-Dropper.Win32.Dapato.bjsl, TR/Cridex.EB.5, Trojan-Dropper.Win32.Dapato, Bredolab.gen.c, Troj/Bredo-ZF or W32.Cridex. Alas, not all antimalware software is capable of removing this infection completely. If you suspect that a computer is infected, scan the system with a reputable antispyware program. Spyhunter is known to remove Cridex Trojan and all its related instances automatically. Before running a scanner, make sure you upgrade your antispyware to its newest version. This will ensure that it will remove all threats that exist on your computer.
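The fast-flux C&C communication mentioned above can still be spotted from the DNS side. The following is an added example, not code from M86 Security Labs or any antivirus vendor: a heuristic that flags names resolving to many short-lived addresses across many networks. The sample records, the domain names and the thresholds are all constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed passive-DNS answers: (query name, TTL in seconds, A record).
# Names use the reserved .example TLD; addresses are private-range stand-ins.
SAMPLE_ANSWERS = [
    ("cdn.shop.example", 3600, "10.1.1.10"),
    ("cdn.shop.example", 3600, "10.1.1.11"),
    ("update.flux.example", 120, "10.20.4.7"),
    ("update.flux.example", 120, "10.87.13.200"),
    ("update.flux.example", 90, "10.143.9.31"),
    ("update.flux.example", 60, "10.201.77.5"),
    ("update.flux.example", 60, "10.33.250.18"),
    ("update.flux.example", 150, "10.66.1.94"),
    ("mail.corp.example", 300, "10.5.0.25"),
]

def fast_flux_candidates(answers, min_ips=5, min_networks=4, max_ttl=300):
    """Return {domain: stats} for names whose answers look like fast flux.

    Heuristic: many distinct A records, spread over many /16 networks,
    all served with short TTLs. Thresholds are assumptions to tune locally.
    """
    seen = defaultdict(lambda: {"ips": set(), "nets": set(), "ttls": []})
    for name, ttl, ip in answers:
        entry = seen[name.lower().rstrip(".")]
        entry["ips"].add(ip)
        # The /16 prefix is a rough stand-in for "different hosting network".
        entry["nets"].add(ipaddress.ip_network(f"{ip}/16", strict=False))
        entry["ttls"].append(ttl)

    flagged = {}
    for name, e in seen.items():
        if (len(e["ips"]) >= min_ips and len(e["nets"]) >= min_networks
                and max(e["ttls"]) <= max_ttl):
            flagged[name] = {"distinct_ips": len(e["ips"]),
                             "distinct_networks": len(e["nets"]),
                             "max_ttl": max(e["ttls"])}
    return flagged

if __name__ == "__main__":
    for domain, stats in fast_flux_candidates(SAMPLE_ANSWERS).items():
        print(domain, stats)
```

Content delivery networks and round-robin DNS can also trip this heuristic, so a hit is a lead for further review rather than proof of infection.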