Trochilus
Also known as: Trochilus RAT
Category: Malware
Type: Remote access trojan
Platform: Windows
Variants: –
Damage potential: Data theft, espionage, network spread
Overview
Trochilus is a remote access trojan designed for cyber espionage and remote device control. Using Trochilus, attackers can gain access to infected devices, extract system and user data — or just edit, move, and delete files without the victim’s permission. This remote access trojan has been around since 2015.
Possible symptoms
If your files start disappearing or getting modified without your knowledge, you may suspect an infection. In addition, you may notice the following:
Sluggish computer performance.
An unusual spike in network traffic.
Unauthorized changes in system settings or login attempts.
Alerts from security software.
Sources of infection
Trochilus typically lurks in malware-hosting websites, attachments in phishing emails, and P2P (peer-to-peer) networks. Additionally, cybercriminals might take advantage of vulnerabilities in outdated software to infect devices.
Protection
Always browse with caution to protect your devices from Trochilus.
Avoid downloading files or software from unofficial sources.
Be careful with email attachments, especially from unknown senders. Do not open suspicious links, media, or documents.
Use NordVPN to secure your online traffic.
Scan your newly-downloaded files for viruses and block malicious websites with NordVPN’s Threat Protection feature.
Make sure your operating system and software are updated.
Install a reputable antivirus solution.
Regularly back up important data.
Removal
Follow these steps to remove Trochilus from an infected device with antivirus software:
Disconnect from the internet to stop Trochilus from communicating with its command and control server.
Run a full system scan and follow the instructions provided by your antivirus software.
Restart your device.
Get in touch with an IT professional if you need further help.
