What is TeamSpy?

TeamSpy is a highly dangerous malware application which is another example of espionage against private companies and governmental institutions around the world. However, the highest number of victims is estimated to have been registered in Russia and Ukraine. TeamSpy exploits TeamViewer in order to get remote access to the computer. The threat is installed as a legitimate remote access tool (RAT); as a result, anti-virus programs cannot detect and remove the infection.

What does TeamSpy do?

The malware uses the functionality of TeamViewer to turn on the microphone and web-camera, download malicious files and perform other illegal activities. In order to take advantage of the RAT, 9 additional custom-built modules are employed. They are used to collected BIOS information and details about operating systems; to records key strokes and make screenshots; to install an alert-avoiding system; to ensure stealth and persistence and so on. In order make sure that the infection is not detected, a module called Avicap32 is utilized.

TeamSpy is used to steal .doc, pdf, .xls and other files and to look at the documents that contain words “pass” or “secret”.  It can steal secret crypto keys and passwords which would enable the attackers to commit other cyber crimes.

It has also been detected that and are two main servers that have been used by the attackers. The servers have been used by other attack campaigns, too.

How to remove TeamSpy?

It is important that this threat does not get to the PC. To prevent TeamSpy or any other malware attacks, it is advisable to use a legitimate anti-spyware program and keep it up-to-date. team recommends that you install SpyHunter as not all anti-virus programs can detect infections which are identified by this spyware removal tool. If you are certain that your computer is not infected by any threat, you can use our free scanner. It will scan the PC and list infections which have to be removed from the computer.

100% FREE spyware scan and
tested removal of TeamSpy*

Leave a Comment

Enter the numbers in the box to the right *