Fareit trojan pwns punters with devious DNS devilry

9 years ago
6 March 2015
1 reply
159 views

Userlevel 7

retiredAntus67
Community Guide
5988 replies

6 Mar 2015 at 13:31, John Leyden

DNS tricks used by the Fareit trojan mean users are tricked into downloading malware, seemingly from Google or Facebook
The latest variants of Fareit are infecting systems via malicious DNS servers, Finnish security firm F-Secure warns.
These servers push bogus Flash updates that actually come packed with malicious code, as a blog post by F-Secure explains.

When the DNS server settings has been changed to point to a malicious server used by Fareit, the unsuspecting user visiting common websites gets an alert saying 'WARNING! Your Flash Player may be out of date. Please update to continue'.full article

1 reply

Userlevel 7

+54

Jasper_The_Rasper
Moderator
10570 replies
9 years ago
6 March 2015

Posted on 06.03.2015 Researchers are warning about a new malware delivery campaign aimed at spreading Fareit, a password-stealing Trojan that can also download additional malware.

This campaign is targeting users who's DNS server settings have been changed to redirect them to malicious sites without their knowledge. This can be the result of a previous compromise of their routers via malware such as the DNSChanger Trojan, or a malvertising campaign such as this one.

However it happened, these users are now in danger of getting saddled with Fareit.
http://www.net-security.org/images/articles/fareit-06032015-small.jpg Full Article

Reply

We have recently updated our Privacy Policies. We encourage you to read the full terms here.

Reply

Sign up

Login to the community

Scanning file for viruses.

This file cannot be downloaded