AutoCAD is a new platform for spreading trojan viruses

This post is also available in: Slovenian

Finding new ways of spreading viruses has also led to Autodesk AutoCAD product and to take advantage of the AutoCAD platform for changing the start webpage. What web page is the most visited on each computer? Start page, of course . Last week was spreading on internet two new AutoCAD Trojans: Trojan- Downloader.Acad.Qfas.b and trojan.Acad.Qfas.o . First in Asia, but this week it was blocked as malware on our mail server in Slovenia too .

AutoCAD Trojan

Trojans as malware are popular also for modifying the start webpage which redirects to the specific webpage full of ads. Websites are paid according to the amount of web traffic.

This viruses change start webpage in all browsers from IE , Chrome, Firefox to Maxthon and redirects web traffic to the sites , and .



Trojans are written in AutoLISP and VBA using file extension *.fas. Fas only a few virus scanners can fully

AutoCAD AEC on the Mac (1990) 2
AutoCAD (Photo credit: Shaan Hurley)

read , but now all AV can block these specific fas files. It is suspected to have originated from Russia.

AutoLISP is a programming language used by AutoCAD and its derivatives AutoCAD Map 3D , AutoCAD Architecture , AutoCAD Mechanical . In addition, AutoLISP is also used by other CAD applications such as FelixCAD , Bricscad , IntelliCAD .


Related viruses

Trojan.Acad.dwgun.e , Trojan.ACAD.Bursted.G , Trojan.Acad.Qfas.a , Trojan.Acad.Hybernate.SS , Trojan.Acad.B , Trojan.Acad.Hybernate , Trojan.Acad.Agent . a Trojan.Win32.VBKrypt.wlz , Trojan.Acad.Agent.a , Trojan.FakeAV – 3835 , Virus.ALS.Bursted , Virus.Acad , Trojan.Acad.Qfas.c , Troj / QFas – B Virus.Acad . Bursted.e .


For more details about Trojan.Acad.Qfas virus you can read article by Vigi Zhang , Kaspersky Lab Expert Article on Secure List .



Works as system engineer in Slovenian Enterprise in Microsoft environment focusing on security, deployments, SharePoint, SCCM and CheckPoint firewall. Author of successful blog about IT security, Microsoft tips & tricks, social media, internet trends.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.