Also known as: Graftor, Boht, Bezigate.
Category: Malware
Type: Backdoor trojan, keylogger, banking malware, spyware
Platform: Windows, Linux, iOS, Android.
Variants: Backdoor.Win32.Hupigon, Trojan.Win32.Hupigon, Backdoor.Win32.Graftor, Trojan.Win32.Graftor, Trojan.Win32.Boht, Backdoor:Win32/Bezigate.
Damage potential: system performance issues, unauthorized access, data theft, installation of undesirable software, network connectivity problems, malware infection, file corruption and loss, stolen keystrokes, browser interference.
Overview
Hupigon is a well-known backdoor trojan, also known as a remote access trojan, first caught in 2008. It’s commonly used to launch large-scale attacks using botnets, networks of compromised computers where malware sits idle, waiting for orders. That is also why Hupigon is equipped with tools to spread to other networks and devices.
Possible symptoms
Because Hupigon is often used in botnets, you may not see any significant changes in your system until your device is used in an attack. However, if hackers use the trojan to infiltrate other networks and devices, you may notice spikes in unusual traffic.
Other Hupigon symptoms include:
- Unwanted software. Hupigon can download and install additional malware, so you may find unfamiliar software or tools installed without your knowledge.
- System performance issues. Hupigon can be used to steal data and, as a result, cause your system to work harder, slow down, and experience lag.
- Unauthorized network traffic. Its command-and-control (C2) communication can result in unauthorized network activity, such as connections to unfamiliar IP addresses.
- Unexpected system behavior. Hupigon variants exploit systems differently, so unusual processes in the task manager and system changes are very likely.
Sources of the infection
Hupigon is spread through other malware such as droppers, which are designed to pack and deliver more dangerous malware onto a system. Phishing emails, attachments, pirated software, and exploit kits are among the most common ways Hupigon infects a device.
Protection
Always keep your system up to date, which will help you protect against any malware spread through exploit kits.
Also, protect your device against Hupigon using the following tips:
- Be careful with unexpected messages containing links, .exe files, PDFs, and archives. Even if they’re from someone in your contacts, double-check whether they actually intended to send you anything.
- Keep your security apps, such as your antivirus, up to date.
- Browser extensions can be used to spread exploit kits, so disable the extensions you don’t use.
- Enable NordVPN’s Threat Protection Pro™. It’s a feature that uses a built-in malware scanner to review files before they’re downloaded to your device. If a file includes malware, Threat Protection Pro™ will block the download, safeguarding your device from unwanted trouble.
Removal
If you notice your system misbehaving, update your antivirus software and run a deep scan. While staying alert is always important, your antivirus should be able to remove Hupigon without the need to download additional removal software.