The development in information technology is one of the dynamic fields in the modern world. Information technology has created several vital aspects of the contemporary society which are termed as a milestone in the technology field. However, it has attracted a variety of cybersecurity criminals who are now taking advantage of the developments in the sector for their gains. The information technology sector has become a victim of fraudsters who are introducing their programs to sabotage and engage in unlawful practices. As a result, several cases of fraud, discomfort, and infringement of the privacy of the consumers in information technology have been reported in the United States of America. This has attracted the attention of the authorities in the country including the FBI and Cybercrime police unit (Rahman, 2017).

Fleercivet Malware

It is one of the standard types of malware in modern society. It falls in the family of Trojan malware, and it is common among computer and even smartphone users. Fleercivet is a click fraud malware. This means that a computer user becomes vulnerable to this malware by clicking it, either intentionally or unintentionally. Fleercivet often pops up when the user is browsing or working on his/her computer. It comes with enticing offers that a computer user may find important, but upon clicking them, it may prove otherwise (Rahman, 2017).

The malware works by hijacking other common browser engines in the computer, which may include Opera mini, Chrome, Internet Explorer, or Firefox. The sole aim is to generate revenue to their creators from the pop-up advertisements which they create after hijacking the sites without knowledge or the consent of the browser. For instance, one may be checking specific information that he/she has keyed in on the search engine. In the process, Trojan through Fleercivet hijacks the operation and shows something different from what one was searching. In most cases, the illustrated content is advertising of one or another product (Sikorski & Honig, 2012).

The application may also perform other operations on the computer. It may undertake various other harmful activities simultaneously. This implies that apart from showing pop-up advertisements without the consent of the person, Fleercivet may also conduct other operations fast and concurrently with other procedures. It may collect personal information, which it replicates directly to the creators of the malware, and may also contribute to the installation of additional cyber threats on any windows used by the client. As it loads the unspecified ads, Fleercivet sends the browsing history, personal data, and other relevant information to the creators, and this might be used to blackmail the user of the machine. This malware may also force the computer user to download and install software from untrusted sources, thus risking the computer, files, and personal information (Sikorski & Honig, 2012).

What is Known about the Developers

The developers of Fleercivet are the same developers developing Trojan. Trojan is responsible for developing various malware in the information technology field. The revolution in the information technology industry has created one of the most successful and entrepreneurial malware developers, like Trojan, which have produced various malware and viruses in the industry for their financial gain in the cybercrime world. As a result, Trojan created Fleercivet to gain unscrupulous traffic from the pop-up advertisements that they enforce without the consent of the user (Malin & Eoghan, 2012).

How the Malware is Delivered

A network known as the Southurbot enforces and installs Fleercivet on a person’s computer. Upon installation, the application allows operations on the machine to run in the background without the knowledge of the user. As the operations continue, a person incurs several losses regarding data and traffic and may witness a continuous decrease of his data without even using it. Southurbot also retrieves personal information, which includes the C&C with a query of DNS and the response that is generated as a DNS TXT record, which in turn is communicated directly to the developers of the malware. The information sent is encrypted and used for reporting, task removal, and also to get links to other necessary details of the user. Southurbot also works to initiate the download of additional malware to the computer, making one vulnerable to all kinds of malware in the computer industry. After Fleercivet has successfully installed itself on the machine, it reports its existence directly to its developers and can be used or directed to get any information that is needed by the creators of the malware (Dunham, Hartman, & Morales, 2014).
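As an added illustration (not part of the original essay and not code from any cited source), a command channel carried in encrypted DNS TXT responses, as described above, can be hunted for in resolver logs. The log format, the thresholds, and the `.test` domain names below are assumptions constructed for the example.

```python
import math
from collections import Counter

# Constructed resolver log (not from the essay): time, client, qtype, qname, answer
SAMPLE_LOG = """\
2021-01-25T10:00:01 10.0.0.5 A www.example.com 93.184.216.34
2021-01-25T10:00:02 10.0.0.5 TXT example.com v=spf1 include:_spf.example.com ~all
2021-01-25T10:00:07 10.0.0.9 TXT a1.c2-placeholder.test kJ8x2LmQ9zTfV4bNw7RyHs3DpXc6UeAg0ZoIiK5tMnBvC1qWlEjYhGfSdPaOu+r/
2021-01-25T10:01:07 10.0.0.9 TXT a2.c2-placeholder.test Zq4Tn8VbX1mLk7JhG3fDs9AoPiU2yRe6WcQx5zNv0BtMgHjKlCdEaFrYwSuIp+O/
2021-01-25T10:02:07 10.0.0.9 TXT a3.c2-placeholder.test Hy7Gt5Fr3De1Sw9Aq2Zx4Cv6Bn8MjKlPoIuYtReWqLkJhGfDsAzXcVbNm0QpOi+/
"""

MIN_LEN = 48        # assumed: short TXT answers (SPF, verification tokens) are ignored
MIN_ENTROPY = 4.5   # assumed threshold, in bits per character
MIN_HITS = 3        # assumed: repeated hits from one client before it is flagged


def shannon_entropy(text):
    """Bits per character; encrypted or encoded payloads score high."""
    if not text:
        return 0.0
    counts = Counter(text)
    return -sum(n / len(text) * math.log2(n / len(text)) for n in counts.values())


def suspicious_txt_clients(log_text):
    """Return {client: hits} for clients with repeated long, high-entropy TXT answers."""
    hits = Counter()
    for line in log_text.splitlines():
        # The answer field may contain spaces (e.g. SPF), so split at most 4 times.
        parts = line.split(maxsplit=4)
        if len(parts) < 5 or parts[2] != "TXT":
            continue
        client, answer = parts[1], parts[4]
        if len(answer) >= MIN_LEN and shannon_entropy(answer) >= MIN_ENTROPY:
            hits[client] += 1
    return {client: n for client, n in hits.items() if n >= MIN_HITS}


if __name__ == "__main__":
    print(suspicious_txt_clients(SAMPLE_LOG))
```

Legitimate long TXT records (DKIM keys, for example) also score high on entropy, so the output is a list of hosts to investigate, not a verdict.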

Characteristics, Capabilities and Limitations of Fleercivet Malware

The malware has specific identifying components by which it can be defined. However, one needs to be very careful when they detect the malware on their computer. The malware might be installed on the machine but working in the background, and therefore its characteristics may not be easily visible or identifiable. Some of the standard features of the malware are highlighted below (Elisan, 2015).

One universal trait readily exhibited by the malware is its ability to show pop-up adverts. This usually happens when one is browsing. The displayed content may carry enticing messages with the intention of capturing the attention of the user. Many users have fallen prey to this malware, and many people have reported opening such adverts only to lose critical data or even install other malware on their PCs (Elisan, 2015).

Another common characteristic of the malware is unusual and uncommon data loss. A person becomes prone to loss of information, file damage, and even traffic charges, which are not accounted for. As one opens and views the information shown on these adverts, he/she becomes susceptible to data loss, and even traffic charges may be applied.

The capabilities of the malware vary from one computer to another depending on the damage installed or put in place in the machine. One of the most significant capacities of the malware is its ability to show information that one does not require and this might create a nuisance to the user. This unforeseen or unsearched information also may carry viruses that may damage the computer. The malware might also be capable of transferring ones’ personal information to the developers of the program. Thus, it might be used in crimes of cybercrimes, extortion and other related crimes that are on the rise in the information technology field (Dunham, Hartman, & Morales, 2014).

Limitations of the malware can be achieved through restrictions of its operations. However, this requires in-depth care and proactive checking on the activities of the PC to ensure its services are still active and the malware has not compromised its functions yet. Its limitation can, therefore, be enforced by providing that the compromised search engine is changed. For instance, if one uses Chrome as a search engine and finds out that fleercivet has hijacked its operations, they should turn to another search engine, like Firefox, or any other. This can limit its processes on the computer. Changing the search engine will ensure that the actions of the machine are kept safe and only adhere to the needs of the user. Fleercivet will work in the browser that it has hijacked. However, with time, it can divert the whole machine if not checked and detected on time (Dunham, Hartman, & Morales, 2014).

Changes the Malware Makes to the Host

Fleercivet malware is manipulative hardware. It affects the standard functionality of the computer by putting in place settings that are not desired without the consent of the machine user. The malware, therefore, has some adverse effects on the computer that might damage, abuse, or change the credibility of the data on the computer.

Fleercivet can change the search domains and the searched items on the computer. This can happen through changing what the person or the user of the machine is searching. In that case, what the person will be browsing will be compromised, and hence different information all together is displayed on the search engine. The malware therefore changes and gives various commands to the computer which are not necessarily the needs and the controls of the user. Unwanted information is extracted from the website which might damage or have adverse effects on the machine.

The malware can also create unnecessary files on the computer. The application can do this by downloading unwanted files and installing them without the consent of the user. Some of these files that the malware can create can be hazardous and can have a more significant impact on the computer while at the same time risking the files already installed in the machine. Fleercivet hijacks the normal functioning of the equipment to introduce harmful and usual records that may act as a source of viruses that may eat documents and be transferred to other computers, flash disks or USB cables that use the same network with the affected machine (Malin & Eoghan, 2012).

Cases of fleercivet malware creating unnecessary and damaging information on the computers have also been reported. The malware can introduce this by creating and submitting a software on the computer, without prior notification of the user that aims at sharing and transferring personal data without the knowledge or the authority of the host. For instance, the personal information, files, and data of the host computer are transferred through the network of the Southurbot to the developers of the malware. This information can be used to track the financial record, personal data (Sikorski & Honig, 2012).

The fleercivet malware can change the browsing option of the laptop to fit its usability and activeness in harvesting data from the consumer. The software can change the browsing option to be in default mode to suit itself and maintain itself in the machine. For instance, if a host computer has a variety of search engines, like Chrome, Safari browser, Opera Mini or Firefox, and the person has not in any way set the default browser, the malware can create its default search engine. This can then force the person to use as an only browsing option so that it can manipulate and control the browsing history of an individual. By controlling the search engine, the malware can create, disseminate, and monitor any operations that the consumer needs from the computer.

Files Created by Fleercivet after Installation

After the malware has installed itself on the computer without the consent of the user, it generates some corrupt data in the machine that enables it to function and send commands to its developers. These files are designed for the sole purpose of allowing the malware to receive commands and divulge the vital information of the host to the master, the Trojan (Sikorski & Honig, 2012).

The files that the malware may introduce in the host computer include:

  • Program files and system files;
  • Username, data manager, and roaming files;
  • Framework update and Google update files.

Registry Keys Created by the Malware

The malware then creates registry keys that give it full control and let it manipulate all the functions of the computer to suit its existence and active power over the machine (Dunham, Hartman, & Morales, 2014). Some of the registry keys created include:

  2. Windows\Current Version and Google Update;
  3. User Name\App Data\Roaming;
  4. Framework\GoogleUpdate.

Ports Created

The Fleercivet malware then connects to and executes the following ports on the computer:

  1. http:\\\geoip
  2. http:\\\image\tools.ico

Behaviors Exhibited Once Installed

After the malware has successfully established itself on the host computer, it performs and exhibits some behaviors. These behaviors can be visible or not depending on the keenness and seriousness of the user. In some cases, however, these behaviors cannot be seen, and it can, therefore, significantly affect the functionality of the computer (Malin & Eoghan, 2012).

After successful installation, the malware can command the download of files and the execution of additional data without prior notification of the user. These files might have a tremendously damaging effect on the computer if not checked in time. The downloaded records may also be carriers of viruses, which might be harmful to the computer and other connected devices.

The malware can also create and inject code into svchost.exe to hide. After creating such a file, the malware can perform its functions without being noticed by the user of the machine. In this place, the malware remains unseen and undetected, but it can continue showing and executing some notifiable functions. This is where it can continue creating more harmful files without being noticed (Rahman, 2017).

Also, a conventional behavior that can be easily seen is its ability to force the computer to click on advertisements through the internet without the commands of the computer user. The malware does this after hijacking the commonly used search engine, and in this case, it alters the information or gives no meaningful information to the user, which brings a lot of nuisance and discomfort to the user and also leads to higher data charges.

The malware also gathers the geographical position of the computer user and sends it to the developers of the malware. This is done by the malware through analyzing the search history and using the location in the Google Maps of the individual without the authority of the host. In this case, one can be readily susceptible to fraudsters and other cybercriminals that may use his position to conduct unlawful practices (Rahman, 2017).

Data Collection

The malware uses the browsing history of the computer user, the geographical position, and the personal data stored or transferred using the computer to send or receive data of the person without notification. These data are then sent to the developers of the software.


The malware uses the network of Southurbot to send the information, signals, and the data to the computer user without the consent (Dunham, Hartman, & Morales, 2014).


The malware hijacks the normal operations of the computer and how it receives commands to create its own designed way of data collection and execution. In this way, it hijacks the search engines and replaces them with their commands making it unable to receive commands from the user, but the developers of the malware (Dunham, Hartman, & Morales, 2014).

Data Destruction

Fleercivet malware is programmed by the developers to hijack the operations of the computer, destroy data, and send personal information. Data destruction is achieved through damaging programs that store data, eating data files making data files unable to load or open.


Fleercivet malware is a tricky malware that knows how to hide itself, so that it cannot be located through scanning the computer alone. Apparently, examining alone cannot be used reliably to determine whether the malware has hijacked the computer or not.

How It Is Controlled

Fleercivet malware is controllable. However, it requires more and advanced methods to check whether the computer is affected by the virus or not. There are systematic responses that encourage all users to adhere to control the malware (Rahman, 2017).

One should use complex passwords on the computer. Using and applying complex passwords gives the malware developers a hard time when trying to crack passwords to access the computer. Using complex passwords makes the machine safe from any interference from the developers of the malware. Passwords also help in minimizing damage when the device is compromised.

Disabling autoplay on the PC. This ensures that files and any other executable files do not install themselves without notification. Disabling autoplay and the automatic launching of executable files once connected to the network will ensure that no operation is conducted when it is not required. This prevents malware from installing itself (Rahman, 2017).

One should also consider turning off file sharing when it is not needed. File sharing is an easy way in which malware can hijack a computer. One should also consider using password protection on file transfer services to have explicit notification of the file before finally fixing it.

The email server should also be set in a way that it can block or remove emails that contain file attachments that in most cases are used to spread threats on computers. The developers of the fleercivet malware can use anonymous emails sent to people’s inbox which upon opening can spread the virus (Rahman, 2017).



Dunham, K., Hartman, S., & Morales, J. (2014). Android Malware and Analysis. Boca Raton, FL: CRC Press.

Elisan, Christopher (2015). Advanced Malware Analysis. New York, NY: McGraw-Hill Education.

Malin, C., & Eoghan, C. (2012). Malware Forensics Field Guide for Windows Systems. Rockland, MA: Syngress Publishers.

Rahman, R. (2017). The efficiency of Civil Remedies Against Malware Attacks in the United States. Independently Published.

Sikorski, M., & Honig, A. (2012). Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software. San Francisco: Starch Press.
