Worm.Ramnit is Malwarebytes’ detection name for a specific worm that is able to steal information from the compromised system.
The primary task of Worm.Ramnit is to steal information from the compromised system. It does this by downloading component files that perform particular tasks. For example, one of its components is capable of stealing cookies in order to hijack banking and social media sites. Another component is capable of giving threat actors remote access to the affected system.
Worm.Ramnit arrives on affected systems via removable and fixed drives, public FTP servers, exploit kits, or bundled with potentially unwanted software. Sometimes, it can also be dropped by Virus.Ramnit.
Malwarebytes protects users from Worm.Ramnit by using real-time protection.
Malwarebytes can remove Worm.Ramnit without further user interaction. However, it is also advisable to call legitimate computer technical support services should one encounter complications.
It is also recommended to change all passwords that could have been stolen from the affected system.
You can use the Malwarebytes Anti-Malware Nebula console to scan endpoints.
Choose the Scan + Quarantine option. Afterwards you can check the Detections page to see which threats were found.
On the Quarantine page you can see which threats were quarantined and restore them if necessary.
Select your language