Trend Micro is closely monitoring the latest Trojan outbreak that has affected several organizations around the world, being commonly referred to as KOVTER.
We assure you that the latest version of Trend Micro Security provides effective protection against KOVTER.
Summary
Kovter is a Trojan that can be downloaded by other malware/grayware/spyware from remote sites. It connects to certain websites to send and receive information. It deletes the initially executed copy of itself.
File Type: EXE
Memory Resident: Yes
Payload: Connects to URLs/IPs
How KOVTER infects your computer
- Kovter arrives as Adobe Flash Advertising attack.
- Latest Kovter variants are arrived as an attachment from spam mails. Macro based malspam.
Solution
Make sure you are using the latest version of Trend Micro Security. You can check here if you already have the latest version or follow instructions here to upgrade Trend Micro Security to the latest version.
Release Summary
TMTD Pattern: 168100
OPR Pattern Date: July 20, 2017
Additional Pattern Release for Kovter detection
TMTD Pattern: 168300
OPR Pattern Date: July 27, 2017
Additional Assistance
Trend Micro highly recommends that vendor critical patches should be applied as soon as possible upon release. Customers and partners who have questions are encouraged to contact Trend Micro Technical Support for assistance.