- Installs itself without permissions
- Can't be uninstalled via Control Panel
Between January and February, a new dangerous Trojan had hit multiple computers. The Trojan is called Laziok, and it specifically targets computers of various energy companies in order to collect information of interest. However, the application may also infect your computer while looking for computers of interest. Therefore you ought to remove this infection in order to prevent information theft.
It is said that this malware initially collects information about the infected systems in order to determine if it has valuable information worth stealing. It collects information, such as the computer name, installed software, RAM size and hard disk space, GPU and CPU details, antimalware protection, and so on. If the computer does not have information Laziok is seeking for it stops its operations. However, if it does detect useful information, it downloads additional infections. Research has determined that the additional infections are custom versions of Cyberat and Zbot.
Laziok is distributed via spam emails coming from the Moneytrans.eu domain. The emails include malicious attachments that are known to utilize the Microsoft Windows Common Control ActiveX Control Remote Code Execution Vulnerability exploits. Alternatively, the attachment can contain an Excel file with an exploit code that infects Laziok if it is executed. So, you should keep an eye out for email spam, and remove it if you get any.
The email spam is known to come from servers operating in the US, UK, and Bulgaria. But these countries are not the ones that mostly get infected with it. It is estimated that the US and UK only receive 5 % of all infections each. At any rate, the infection mostly targets computers located in the UAE, Kuwait, Saudi Arabia, Pakistan, among other Middle Eastern countries. Note that the UAE receives the bulk of all infections of up to 25%.
Research has shown that the majority of the targets were linked to the oil and gas industries. It shows that the attackers have a strategic interest in this field and are pursuing some kind of agenda. Nevertheless, you should remove Laziok as it might also collect information about you regardless of whether it you have a stake in the energy sector, so you should definitely remove it.
Even though this infection is mostly distributed in Middle Eastern countries, you can still get infected with it in the west. Statistics show that the US and UK have a combined share of 10% of all infections. We recommend that you use a powerful malware scanner such as SpyHunter to remove Laziok from your computer, since it could be used to collect any kind of data.