Support Home

Welcome to USA2net's Technical Support homepage. Here you will find information regarding USA2net's email, troubleshooting guides, useful links, and USA2net suggested . As always, feel free to contact us during office hours (8am-5pm, Mon-Fri) or email us at anytime. Thank you for giving us the opportunity to serve you!

I need assistance with...

Latest Malware Alerts

XLoader Android Spyware and Banking Trojan Distributed via DNS Spoofing

We have been detecting a new wave of network attacks since early March, which, for now, are targeting Japan, Korea, China, Taiwan, and Hong Kong. The attacks use Domain Name System (DNS) cache poisoning/DNS spoofing, possibly through infringement techniques such as brute-force or dictionary attacks, to distribute and install malicious Android apps. Trend Micro detects these as ANDROIDOS_XLOADER.HRX.

These malware pose as legitimate Facebook or Chrome applications. They are distributed from polluted DNS domains that send a notification to an unknowing victim’s device. The malicious apps can steal personally identifiable and financial data and install additional apps. XLoader can also hijack the infected device (i.e., send SMSs) and sports self-protection/persistence mechanisms through device administrator privileges.

The post XLoader Android Spyware and Banking Trojan Distributed via DNS Spoofing appeared first on .

XTRAT and DUNIHI Backdoors Bundled with Adwind in Spam Mails

We discovered a spam campaign that delivers the notorious cross-platform remote access Trojan (RAT) Adwind a.k.a. jRAT (detected by Trend Micro as JAVA_ADWIND.WIL) alongside another well-known backdoor called XTRAT a.k.a XtremeRAT (BKDR_XTRAT.SMM). The spam campaign also delivered the info-stealer Loki (TSPY_HPLOKI.SM1).

DUNIHI (VBS_DUNIHI.ELDSAVJ), a known VBScript with backdoor and worm capabilities, was also seen being dropped with Adwind via spam mail in a separate incident. Notably, cybercriminals behind the Adwind-XTRAT-Loki and Adwind-DUNIHI bundles abuse the legitimate free dynamic DNS server hopto[.]org. The delivery of different sets of backdoors is believed to be a ploy used to increase the chances of system infection: If one malware gets detected, the other malware could attempt to finish the job.

The post XTRAT and DUNIHI Backdoors Bundled with Adwind in Spam Mails appeared first on .

Ransomware XIAOBA Repurposed as File Infector and Cryptocurrency Miner

Currently, cryptocurrency miners are heavily used by malware—we’ve seen miners injected onto ad platforms, on popular mobile devices, and servers. Malware creators change payloads to maximize their chances to make a profit, and in this volatile cryptocurrency landscape, they seem committed to integrating miners into their arsenal. We are now also seeing binary infectors using miners to suit their needs.

The post Ransomware XIAOBA Repurposed as File Infector and Cryptocurrency Miner appeared first on .

Our Services

High Speed Internet Get connected with High Speed Internet! Digital Home Phone Low cost home phone service