It has been reported that variants of a new malware family dubbed "Golroted", which has spyware functionality, are spreading. The malware typically spreads through spear-phishing emails carrying attachments such as zipped archives (key loggers) or Microsoft Office document exploits, or via removable drives.
After a successful infection, the malware steals Personally Identifiable Information (PII) from the victim machine, including the computer name, local date/time, IP address, installed security software, etc. Golroted is reported to target banking sites, online payment sites, email accounts, social networking sites, etc. The stolen information is exfiltrated to a preconfigured FTP server or web panels, or to email addresses as attachments.
The spyware can log keystrokes, capture screenshots, and scrape web browsers for saved passwords, browsing history, etc.
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
6, CGO Complex, Lodhi Road,
New Delhi - 110 003