Home / malwarePDF  


First posted on 17 February 2020.
Source: Microsoft

Aliases :

TrojanClicker:Win32/Yabector.gen!B is also known as Trojan/Dropper.FrauDrop.jl, Trojan.Fakealert.7018.

Explanation :

TrojanClicker:Win32/Yabector.gen!B is a generic detection for a variant of Win32/Yabector. This variant notifies a Web server of its presence without user consent before being forwarded by a remote site to the online auction site "ebay.com". InstallationThis trojan may be bundled with other third party programs such as Foxit Reader, as an optionally installed component. When installed, Win32/Yabector may be present as a shortcut to the online auction site "ebay.com". Payload Notifies remote Web serverWhen a user visits the link, the Web browser is directed to the following site:  www.adon-demand.de/red/ This site then forwards the user to the site "ebay.com".  Analysis by Dan Kurc

Last update 17 February 2020