Number: IRCNE2014112369
Date: 2014/11/05
According to “techworld”, a new version of the The Rovnix Trojan that has spent 2014 quietly spreading across the Internet has infected at least 130,000 PCs in the UK to pilfer credit card data, security firm BitDefender has warned.
To date, Rovnix has largely been a nuisance for Windows PCs, causing a range of disruption from pop-up ads, programme interference, data theft and even blue-screen system crashes. Typically, the user will also receive bogus scareware error messages imploring them to pay money to make the issue go away.
According to BitDefender, 87 percent of the recent infections it had detected were in the UK, with smaller percentages noticed in Germany, Italy and the US.
“The campaign targeting the UK proves that the Rovnix botnet is still going strong,” said Bitdefender chief security strategist, Catalin Cosoi.
Eccentrically, Rovnix’s C&C Domain Generation Algorithm (DGA) had been set up to create 5-10 domains per quarter using the US Declaration of Independence to fuel its word list.
“They are obtained by concatenating words or their first half as long as the domain name is composed of a minimum of 12 and a maximum of 23 characters,” said Cosoi.
- 2