Also known as: Horabot spam tool, Horabot bot
Type: Banking trojan, phishing botnet
Variants: Win32:Trojan-gen, Trojan.GenericKD.67338119, Trojan:Win32/Casdet!rfn
Damage potential: Stolen credentials, data theft, financial loss, network spread, backdoor capabilities
Horabot trojan is malicious software that functions both as a banking trojan and a phishing botnet. This dual functionality allows Horabot to steal the victim’s credentials and financial information, access their email accounts, and send phishing emails with malicious attachments to all contacts in the victim’s mailbox. While most other trojans have a broader reach, Horabot specifically targets Spanish-speaking users in the Americas.
Horabot has similar signs to other trojans, such as:
Unauthorized access to online accounts
Noticeable increase in pop-ups and redirects
Sluggish computer performance
Frequent crashes and system restarts
Increased disk activity
Sources of infection
You might inadvertently download Horabot trojan onto your device by:
Opening links or attachments in phishing emails
Clicking on malicious ads
Visiting compromised websites
Downloading files from peer-to-peer networks or software from unofficial sources
Using USB drives and other removable media infected with Horabot
Trojans like Horabot can cause severe damage, so it’s crucial to stay vigilant online.
Avoid opening links or attachments in suspicious emails.
Block malicious websites and ads with NordVPN’s Threat Protection.
Install a reputable antivirus or anti-malware solution.
Make sure your operating system and other software you use are updated.
Use complex passwords and enable two-factor authentication (2FA) to add extra security to your online accounts.
Consider using a firewall to block malicious traffic.
Here’s a step-by-step guide to help you get rid of the Horabot trojan, using reliable antivirus or anti-malware software. But if you’re not confident handling the removal yourself, you should get help from an IT professional.
Disconnect from the internet.
Enter Safe Mode. You can do so by restarting your computer and pressing the F8 key before the Windows logo appears.
Back up important data.
Run a full system scan.
Remove infected files by following the instructions of your antivirus or anti-malware program.
Restart your computer.
Change your passwords, especially the ones for your online banking and email accounts.
Watch out for any suspicious activity on your banking accounts and emails.