The devious banking Trojan Win32/Gataka, also known by such names as Trojan.Win32.Gataka!IK, Trojan:Win32/Gataka.D, and Win32/Gataka.B, has been terrorizing Windows operating system users since February of 2011. Even though a lot of time has passed, the latent infection still prevails as one of the most dangerous Trojans, mostly because this malicious application can steal personal information and work as a sinister keylogger, collecting the login details of your personal accounts. Although this Trojan was initially targeted at German Windows users, this treacherous, seemingly invisible program can invade any computer with low-level protection, using a great number of infiltration channels. It must be mentioned that it is not easy to delete Win32/Gataka from any Windows OS, because this Trojan does not have an interface, it can be hidden from removal using rootkit techniques, and its invasion attacks are tremendously secretive.
What is extremely dangerous about the infection is that this Trojan can be complemented by various additional plug-ins, which are meant to give the malicious application the capabilities it is missing, whether malware downloading, keystroke logging or browser hijacking. Different elements help the schemers behind Win32/Gataka carry out different scams, and the known examples of attacks against German and Dutch banks and a U.S. daily newspaper can all be told apart by the techniques used. Unsurprisingly, all of this can be attributed to a few of the devious Trojan’s executables: boonty.exe and file.exe.
Boonty.exe has been known to hijack, add and delete processes, record keystrokes and mouse clicks, steal login details, and even collect email addresses and contacts, which could enable cyber crooks to spread the dangerous banking Trojan infection across the Internet even further. The second malignant executable, file.exe, has similar capabilities, but can additionally modify Windows Security Policies to hide the infection from removal, compromise runtime policies, download malignant programs, and tamper with the Firewall to allow undisturbed, unauthorized connections between the target system and remote servers. Unfortunately, both of these files are polymorphic, which can make them really difficult to detect and delete. For this reason, it is not recommended to remove Win32/Gataka components manually, as only the most experienced Windows users will be able to tell the malign files apart from the authentic Windows ones.
Win32/Gataka is a highly treacherous and complicated infection, and we recommend having this keylogger Trojan deleted from your system with the assistance of automatic removal tools. Do not think for one second that polymorphic, rootkit-hidden components will be easy to find. Do not waste your time, and ensure that after the infection’s successful removal your personal data is secured against malware with reliable software.
- Connects to the internet without permission
- Installs itself without permissions
- Slow computer
- Slow internet connection