AZORult Info-Stealing Trojan is being distributed through a fake Windows utility

Be careful: a fake website in the wild is pushing a PC cleaner tool for Windows that is nothing but a front for the AZORult Trojan. This Trojan is distributed with the sole motive of stealing browser passwords, FTP passwords, cryptocurrency wallets, desktop files, personal information and more stored on the victim's computer. Cyber criminals use such details in their illegal activities to generate revenue. As you already know, these malicious activities create a huge risk to privacy and of identity theft.

Although there are different methods of malware infiltration at present, such as exploit kits, spam email attachments, or drops by another Trojan, the cyber criminals are dropping their AZORult info-stealing Trojan by creating a fake Windows utility and an accompanying website.

G-Cleaner or Gcleaner.info

Last month, security researcher Benkow discovered one such website, gcleaner.info, which advertises a Windows junk cleaner tool called G Cleaner or Garbage Cleaner. Because the site looks legitimate and promotes the program, users are convinced, download it onto their system, and then observe adverse behavior on their device.

After G-Cleaner intrudes, it downloads the main component of the fake PC cleaner, saves it to the C:\ProgramData\Garbage Cleaner or C:\ProgramData\G-Cleaner folder, and starts executing a random file to steal the computer's passwords, data, wallets and other information. It then connects to the command and control server through gate.php and uploads an encrypted.zip file that contains the harvested data.
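
The two behaviours described above (a file executing from one of the ProgramData folders, followed by an upload through gate.php) can be checked together when triaging endpoint and proxy logs. The following is an added example, not part of the original article; the event field names, host names and URLs are constructed assumptions rather than a real log schema.

```python
import ntpath
from urllib.parse import urlsplit

# Drop folders named in the article (compared case-insensitively).
DROP_DIRS = (r"c:\programdata\garbage cleaner", r"c:\programdata\g-cleaner")

# Constructed sample events; field names are assumptions, not a real log schema.
SAMPLE_EVENTS = [
    {"host": "ws-01", "type": "process", "image": r"C:\ProgramData\Garbage Cleaner\qwfkz.exe"},
    {"host": "ws-01", "type": "http", "method": "POST", "url": "http://c2.example.invalid/gate.php"},
    {"host": "ws-02", "type": "process", "image": r"C:\Program Files\Tools\cleaner.exe"},
    {"host": "ws-02", "type": "http", "method": "GET", "url": "http://intranet.example.invalid/gate.php.bak"},
    {"host": "ws-03", "type": "process", "image": "c:/programdata/G-CLEANER/sub/run.exe"},
]

def runs_from_drop_dir(image):
    """True if the executable sits in or below one of the drop folders."""
    # normpath collapses ".." and "/" so look-alike paths cannot slip through.
    path = ntpath.normcase(ntpath.normpath(image))
    return any(path.startswith(d + "\\") for d in DROP_DIRS)

def is_gate_upload(event):
    """True for an HTTP POST whose URL path ends in /gate.php."""
    path = urlsplit(event.get("url", "")).path.lower()
    return event.get("method", "").upper() == "POST" and path.endswith("/gate.php")

def triage(events):
    """Return {host: severity}: 'high' when both indicators hit, else 'medium'."""
    hits = {}
    for ev in events:
        if ev["type"] == "process" and runs_from_drop_dir(ev.get("image", "")):
            hits.setdefault(ev["host"], set()).add("drop_dir_exec")
        elif ev["type"] == "http" and is_gate_upload(ev):
            hits.setdefault(ev["host"], set()).add("gate_post")
    return {h: "high" if len(s) == 2 else "medium" for h, s in hits.items()}

if __name__ == "__main__":
    for host, severity in sorted(triage(SAMPLE_EVENTS).items()):
        print(host, severity)
```

A host that shows only one of the two indicators is reported as medium so that it is still reviewed, while a host showing both is prioritised.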