New T9000 Malware is Stealing Countless Users Private Data

If you were ever a fan of the Terminator movie franchise, you will know that Schwarzenegger’s Terminator character was a T-800 assassin robot. In part 2 (my personal favorite) Cyberdyne Systems kicked it up a notch with the T-1000 liquid metal based robot assassin. So when someone designs a virus and names it the T9000, you know that you’re dealing with a formidable force to be reckoned with.

Virus Warning

T9000 is even worse than a Cyberdyne creation.

Unlike the T-800 model Terminator, who was pretty hard to miss, the T9000 is able to wreak havoc without anyone knowing it is, or was ever there. Instead, it sits undetected on your computer while it stealthily steals all of your vital data. Like most malware, it steals your data from all of the usual places such as your documents and Web history. But it’s T9000’s ability to steal encrypted data, and Skype information (including the ability to store and record video from your Skype conversations) that really allows it to live up to its sinister robot assassin inspired name.

T9000 has expanded its preferred targets.

Initially, T9000 seemed to only be targeting large scale companies or high-profile individuals, however, it has recently expanded its targets to small to medium sized organizations and random individuals. Meaning, even if you’re awesome at flying under the radar, you are still very much at risk. This is because it works on any computer and is easy as pie to install

T9000 is security software resistant.

T9000’s ability to slip past security software programs is perhaps the most alarming fact related to this malicious app. This is because T9000 checks the targeted computer for as many as 24 popular security software programs, and then adjusts itself to be invisible to that program. It does this by installing in stages, then pausing at every stage to make sure that it isn’t being monitored by any security software, or security experts.

Fortunately, researchers at Palo Alto Networks have been able to reveal how T9000 is accomplishing this, and will soon be able to offer guidance to security software companies on what changes can be made to detect and remove T9000.

How to avoid a T9000 attack.

Luckily, T9000 isn’t entirely invisible if you know what to look for. T9000 arrives in a file with an .rtf (Rich Text Format). Fortunately, this is not a very common file extension to see anymore, so if you see one show up in your email, you should definitely be suspicious. And I feel like a broken record here, but again, I cannot stress enough how important it is to NOT OPEN or DOWNLOAD unsolicited email attachments of any kind. The same goes for clicking links in emails, as they may take you to malicious sites. Prevention is always your best defense against virus and malware. Too often, we consider security breach to be an event that only ever happens to the other guys, until the other guy is you.

Effortless 24/7 specializes in offering comprehensive and up-to-date security solutions that can detect and remove even the harshest security threats. Contact us today at (248) 681-7722 or send us an email at, to start implementing a security solutions plan that will best protect your organization from security breach and targeted attack.


Abizer and Effortless 24/7 have made a great improvement to our IT services. The installation went smooth and all issues are resolved quickly and professionally. We’ve been on board for almost a year and our productivity and satisfaction have increased drastically over our last provider.

  Diane Nardon, Director of Finance and Operations   

Keep in touch

Reach Us Effortlessly By Email