Computer Emergency Response Team of India (CERT-In), the nodal agency to combat hacking, phishing and to fortify security-related defences of the Indian Internet domain recently warned the Internet users from India about a new virus known as 'Golroted' which can steal all your banking and personal data.

The agency explains that once the virus infects a system successfully, it is capable of stealing Personal Identifiable Information (PII) from the affected machine that includes computer name, local date or time, Internet Protocol (IP) address, installed security software among other private and sensitive system details.

The virus which belongs to the deadly 'Trojan' category of computer viruses has been reported to have spyware functionalities. It is also being said that Golroted is targeting banking sites, online payment sites, email accounts, social networking sites among others and the stolen information is ex-filtrated to a pre-configured File Transfer Protocol server/web panels or to email addresses as attachments.

While the virus has spread rapidly across many countries, India seems to have topped the list with over 33% share while other nations such as Indonesia and Thailand follow the lead with 31% and 9% respectively.

Golroted first came to light in November 2014 and the cyber criminal gang behind the malware is said to be running several spam campaigns that send phishing emails with attachments that contain either exploited Microsoft documents or zip files containing possible keyloggers.

The virus is known to be very notorious for undertaking specific attacks with regard to banking and financial transactions, ultimately leading to loss of funds kept in the bank account.

These are the precautionary measures you can take to stay far from Golroted.

Do not allow administrative access to systems, with the exception of special administrative accounts for administrators, do not download or open attachment in emails received from untrusted sources or unexpectedly received from trusted users, do not visit untrusted websites and enable firewall at gateway or desktop level.

Vulnerable systems, whom the virus could target, should install and scan anti-malware engines and keep them up-to-date.

Do not follow unsolicited web links or attachments in email messages, limit or eliminate the use of shared or group accounts, turn off file sharing if not needed and disable "save credentials" feature in browsers, are some of the counter-combat measures.

Make use of a Password Manager as these are highly reliable and secure services that store all user passwords in a systematic and encrypted format. They also make it easier for users to manage the passwords of their multiple accounts with ease.

For enterprises, effective firewall security and web security can also play a crucial role.

However, if unfortunately you have been already attacked, here's how you can completely get rid of it.

You need to detect and remove all its vicious files, registries and processes.

Then, restore the system settings that have been altered by this nasty adware. Also, it is better for you to uninstall any other suspicious programs that have been recently added to your programs list in Control Panel.

Later, TrojanSpy:MSIL/Golroted.B should be removed as soon as possible before it drags you into an awkward situation or does more harm to your PC.

Tags : Golroted Virus