2 entries found.
Virus:Win32/Alureon.G
Virus:Win32/Alureon.G is a detection for system drivers infected by members of the Win32/Alureon family.
Win32/Alureon is a multi-component family of trojans involved in a broad range of subversive activities online in order to generate revenue from various sources for its controllers. Mostly, Win32/Alureon is associated with moderating an affected user's activities online to the attacker's benefit. As such, the various components of this family have been used for:
- modifying an affected user's search results (search hijacking)
- redirecting an affected user's browsing to sites of the attacker's choice (browser hijacking)
- changing DNS settings in order to redirect users to sites of the attacker's choice without the affected user's knowledge
- downloading and executing arbitrary files, including additional components and other malware
- serving illegitimate advertising
- installing rogue security software
- banner clicking
Win32/Alureon also utilizes advanced stealth techniques in order to hinder the detection and removal of its various components.
Some variants of this trojan may modify DNS settings on the host computer to enable the attacker to perform these tasks. It may therefore be necessary to reconfigure DNS settings after the trojan is removed from the computer.
Alert level: severe
Trojan:Win32/Alureon.DH
Trojan:Win32/Alureon.DH is a member of Win32/Alureon - a multi-component family of trojans involved in a broad range of subversive activities online that generate revenue from various sources for its controllers. Mostly, Win32/Alureon is associated with moderating an affected user's activities online to the attacker's benefit. In the wild, Trojan:Win32/Alureon.DH is used to download and install other malware, such as Rogue:Win32/FakeCog.
Alert level: severe