Be aware of the Tofsee trojan, as this Trojan is packed with anti-virus features.
What?! Yes, the Tofsee trojan is capable of infecting and curing machines which have been infected with other types of malware.
The Tofsee trojan has been researched by the DrWeb security team, and they provided the following information about the Tofsee Trojan.
Sometimes users disregard the need to protect their computers with anti-virus software, and as a result their systems get infected. It can be said that, in this respect, users whose computers are infected with the multi-component Trojan.Tofsee are a little luckier than other people: apart from the spamming it does, the Trojan can also cure a system of other threats, and, surprisingly, it is quite good at it.
How does it spread
Trojan.Tofsee is spread in a variety of ways: via Skype, social networking sites, and removable drives. In the first case, criminals use the most common social engineering techniques and try to convince users that shocking videos and photos of them are available on the Internet. Although this approach has been used by virus distributors for many years, people still fall into this simple trap.
A special module, which is downloaded by the malware from a criminal-owned server, is responsible for distributing Trojan.Tofsee via Twitter, Facebook and VKontakte, as well as through Skype. Messages sent by the module are generated using the template found in the configuration file. Messages sent to users of social networking sites are created in the users’ expected language.
The message text contains a link to the page where the user can supposedly access the reputation-damaging videos and photos. However, to view this content, the user is prompted to download the browser plugin which in fact is Trojan.Tofsee.
Facebook is not the only platform the cybercriminals target to spread their malicious application. The hackers are using various resources (Twitter, Skype, chats) to infect unaware people with the Tofsee Trojan. As you can see in the first picture, the hackers behind the trojan have crafted a fake website which looks like the Facebook environment. This scheme is used by scammers and hackers to infect people with malicious code and to push money-generating surveys.
The Tofsee Trojan uses a bitcoin grabber to generate revenue for the administrators behind it. Take a look at the security tips which will help you to stay safe. The following collection of security questions can be used to discuss the security status of your company.
A lot of the information has been copied and pasted from the Dr. Web article on the Tofsee Trojan.