A new version of the trojan horse Terdot, which is infamous for stealing crucial browsing information, has apparently been unearthed by the research community. It has been reported that this trojan not only has the ability to steal credit card and banking information, but is also capable of stealing information from social media and email accounts.
For the uninitiated, Terdot is one of the most complex pieces of malware, which had spread across most countries in 2009. Reports cite that nearly 3.6 million PCs had been infected through malicious links in emails in the United States in 2009, and the virus had apparently stolen vital information and credentials from various websites of renowned names such as NASA, Bank of America, and Amazon.
The Terdot trojan, which builds on the legacy of Zeus, has now been developed into a new iteration that allows it to access user information from Facebook, Gmail, Yahoo, and Twitter accounts. In addition, the virus can modify traffic to and from these websites.
According to sources, Terdot also has the ability to update and modify itself automatically. The virus gets downloaded when the trojan operator requests it, after which it can run any kind of executable file and add new features at any time, thereby preventing Terdot from being detected by virus scanners and other antivirus programs.
Cybersecurity experts predict that Terdot may severely cripple e-mail security, social media, and banking operations if it is allowed to spread. It has also been suggested that the malware might have a connection to Russia, as it has primarily targeted the United Kingdom, Australia, and the United States, excluding Russia.
Given the further problems related to detecting the Terdot trojan, researchers have pointed out that organizations could adopt the two-vector approach to keep the virus out of web systems. This approach will reportedly help targeted institutions cover cyber-attack vectors and identify the users who may be at risk of man-in-the-middle attacks. Furthermore, reports say, the two-vector approach is likely to benefit users by reminding them not to click unverified links.