Cyber Security Center

What is the Wacatac Trojan


Wacatac is a trojan that infects computers without users noticing and performs various malicious activities. This malware is distributed using email attachments, malicious downloads, and software cracks. Once installed, the trojan can steal highly-sensitive information (e.g. login credentials), as well as allow other malicious infections like ransomware to install. It’s a very dangerous infection that can do a lot of damage, which is why it’s essential that you remove Wacatac Trojan as soon as possible.

 

Trojan

 

Wacatac is a trojan-type malware infection that primarily targets sensitive information like passwords and banking information. Trojans can be pretty sneaky and stay in the background while stealing data. A trojan may log all your passwords as you’re entering them, as well as show fake screens when you’re trying to log in somewhere. This could allow the cybercriminals operating this trojan to gain access to your accounts.

The main target of this trojan is your banking credentials and information. If the malware is able to steal your payment card details, malicious actors can make purchases using them. And if the malware can intercept as you’re logging into your online banking account, the cybercriminals could steal your money, leading to significant financial loss. Trojans can also operate as a backdoor for other malware to enter. For example, Wacatac Trojan could allow a ransomware infection to install. Ransomware could essentially take your files hostage by encrypting them and demanding that you pay a ransom to get a decryptor.

Even without an anti-virus program installed on your computer, you should be able to notice certain symptoms that signal a trojan infection. The Wacatac Trojan will likely make your computer laggy and slow. Programs may crash randomly or not launch at all, and you will notice unknown processes in Task Manager. These are some of the most noticeable signs. However, to accurately identify the trojan, you need to scan your computer with anti-malware. Trojans have different capabilities so you need to research which particular trojan was infecting your computer. For example, Wacatac Trojan can steal highly sensitive information, which is why you’d need to change your passwords.

Malware distribution methods

According to users, their computers got infected with Wacatac Trojan when they downloaded pirated software via torrents. This is not surprising because torrents are often used to distribute malware. The majority of torrent sites are very poorly moderated, and this allows malicious actors to upload torrents with malware in them. It’s very common to find malware in torrents for movies, TV series, video games, and software. This is one of the reasons why using torrents to download copyrighted content for free is not a good idea. In general, you should not pirate paid content and software because it’s essentially stealing.

Other malware distribution methods include email attachments and vulnerabilities. Malware distribution via email attachments is a somewhat low-effort method for cybercriminals. Malicious actors purchase thousands of email addresses from various hacker forums, attach a malicious file to an email, and send it off. When users open the attachments, the malware can initiate. Fortunately, malicious emails are usually quite obvious. First of all, they are full of grammar and spelling mistakes. Because senders usually claim to be from legitimate companies (e.g. DHL), the mistakes are very out of place. Another sign hinting at an email being malicious is generic words like User, Member, Customer, etc., used to address you instead of your name. Emails whose attachments you would need to open will address you by name (or the name you have given the company emailing you). But while most malicious emails will be quite obvious, some campaigns can be more sophisticated. We strongly recommend that you scan all unsolicited email attachments with anti-virus software or VirusTotal before you open them.

It’s very important that you carefully choose from where you download programs and content. Avoid third-party and unfamiliar websites, and instead, download programs from official websites. You should also research programs extensively before downloading them.

Lastly, it’s very important that you regularly install updates. Malware often uses vulnerabilities to enter computers. But developers usually patch these vulnerabilities before they can be exploited, so it’s essential that you install updates in a timely manner. If possible, turn on automatic updates.

Wacatac Trojan removal

While you may notice signs of a trojan being present, you won’t be able to identify it without an anti-malware program. Scan your computer with anti-malware software, and the program will delete Wacatac Trojan for you. Trojans can perform various malicious activities, including stealing login credentials. So if this trojan was found on your device, change all your passwords using a safe computer. You should also turn on two-factor authentication for all your accounts.

Wacatac Trojan is detected as:

  • Win32:CrypterX-gen [Trj] by AVG/Avast
  • Trojan.Zmutzy.Pong.2 by BitDefender
  • Trojan.Zmutzy.Pong.2 (B) by Emsisoft
  • Win32/PSW.Fareit.A by ESET
  • TrojanSpy.Win32.NEGASTEAL.THGABAI by TrendMicro
  • Trojan.Gen.NPE by Symantec
  • PWS:Win32/Fareit by Microsoft
  • Trojan.Win32.VBKryjetor.bzrz by Kaspersky

Wacatac Trojan detections