Win32.Tepfer is the latest computer threat which spreads via spam emails which are supposed to attract unsuspecting users’ attention. Why should someone open the email? Cyber criminals have decided to employ the latest hot news about the explosions in Boston and created different emails containing various subjects related to the issue. Some of the subjects are “Explosions at Boston Marathon”, “BREAKING – Boston Marathon Explosion”, and “Video of Explosion at the Boston Marathon 2013”.
The email contains a link which executes a Java Exploit once the receiver clicks the link and downloads a file such as boston.avi_______.exe. It has been observed that the links vary. They may end with /news.html or boston.html. Some of them are 18.104.22.168/ news.html, 22.214.171.124/ boston.html, 126.96.36.199/ news.html, and 188.8.131.52/ news.html. In order to deceive the user so that he or she does not suspect that a computer threat is downloaded, a new browser window containing a video of Boston’s events is displayed.
It has been found that the links load a Java applet which exploits a Java flaw. It is not clear to what botnet Win32.Tepfer belongs to, but it has been found out that the locations of the IPs detected are Taiwan, Netherlands, Japan, Russia and some other countries.
Win32.Tepfer is known to hides all the directories on a removable drive. Additionally, it is known that the threat is capable of creating new .LNK files on the infected removable file that has a command C:\WINDOWS\system32\cmd.exe F/c “start %cd%\game.exe.
It is crucial to remove Win32.Tepfer as it can steal valuable data and read the emails of the user. If you do not want to be manipulated by remote attackers and have your computer infected, do not wait and remove the infection in question right now.
If you know that Win32.Tepfer is on your PC but your anti-virus tool cannot detect it, implement our spyware removal tool SpyHunter. Not only will it remove the threat but will also make sure that the PC will not be transformed to a bot computer or affected in other ways. Below you will found our free scanner – use it to find out whether your computer is infected with Win32.Tepfer.