
TSL ID | TSL20150218-02 |
Severity | Moderate |
Description | Trojan.Win32.Bergard.A is a Trojan that targets the Windows platform. It is reported to have been used in a watering hole attack against US defense and financial services firms, in which it was hosted on the compromised Forbes.com website. It is dropped onto a victim system by exploiting CVE-2014-9163 in a vulnerable Adobe Flash Player; exploitation of CVE-2015-0071 in Internet Explorer is reported to possibly be used in the same attack. Once running, the malware contacts a remote server and identifies itself by sending various system information. It then accepts control commands to download and execute files and to send information back. It also modifies the Registry to establish persistence across system restarts. |
Affected Products |
|
File Hashes |
MD5:
SHA1:
|
References |
http://www.invincea.com/2015/02/chinese-espionage-campaign-compromises-forbes/
http://www.virusradar.com/en/Win32_Bergard.A/description |
Related Threats |
TSL20150210-28 - Microsoft Internet Explorer CVE-2015-0071 Policy Bypass
TSL20141209-27 - Adobe Flash parseFloat Stack Buffer Overflow |
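The advisory states that the malware persists through the Registry but does not name the key or value it writes, and its File Hashes fields are empty. The following PowerShell script is an added triage example, not code from the advisory or from any vendor tool: it enumerates the common Run/RunOnce autostart locations (an assumption about where such persistence usually lands, not a documented Bergard.A behaviour), hashes each referenced executable with MD5 and SHA1 so the values can be compared against an analyst-supplied IOC list (the `KnownBadHashes` parameter is hypothetical and is left empty here), and flags entries whose binary is unsigned or missing.

```powershell
# Added triage example (not from the advisory). Enumerates registry autostart entries,
# hashes the executables they point to and compares them with an IOC list supplied by
# the analyst. Checking Run/RunOnce is an assumption about typical persistence locations;
# the advisory does not state which key Bergard.A modifies.

param(
    # Hypothetical parameter: MD5 and/or SHA1 values (hex, any case) from the advisory
    # once populated, or from your own sandbox run. Left empty by default.
    [string[]]$KnownBadHashes = @()
)

$autorunKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
)

# Extract the executable path from a Run-value command line. Handles both
# "C:\Program Files\x\a.exe" /arg and C:\x\a.exe /arg, and drops the ",Entry"
# suffix that rundll32-style values carry.
function Get-ExecutablePath([string]$CommandLine) {
    $cmd = $CommandLine.Trim()
    if ($cmd.StartsWith('"')) {
        $end = $cmd.IndexOf('"', 1)
        if ($end -gt 0) { return $cmd.Substring(1, $end - 1) }
    }
    $first = ($cmd -split '\s+')[0]
    return ($first -split ',')[0]
}

# Normalise the IOC list to lower-case hex for case-insensitive lookup.
$bad = @{}
foreach ($h in $KnownBadHashes) { $bad[$h.Trim().ToLowerInvariant()] = $true }

foreach ($key in $autorunKeys) {
    if (-not (Test-Path $key)) { continue }
    $props = Get-ItemProperty -Path $key
    foreach ($p in $props.PSObject.Properties) {
        # Get-ItemProperty adds PSPath, PSParentPath, PSChildName, PSDrive, PSProvider; skip them.
        if ($p.Name -like 'PS*') { continue }
        $exe = [Environment]::ExpandEnvironmentVariables((Get-ExecutablePath ([string]$p.Value)))
        $entry = [ordered]@{ Key = $key; Value = $p.Name; Command = $p.Value; Path = $exe }
        if (Test-Path -LiteralPath $exe -PathType Leaf) {
            $entry.MD5      = (Get-FileHash -LiteralPath $exe -Algorithm MD5).Hash.ToLowerInvariant()
            $entry.SHA1     = (Get-FileHash -LiteralPath $exe -Algorithm SHA1).Hash.ToLowerInvariant()
            $entry.Signed   = (Get-AuthenticodeSignature -LiteralPath $exe).Status -eq 'Valid'
            $entry.IOCMatch = $bad.ContainsKey($entry.MD5) -or $bad.ContainsKey($entry.SHA1)
        } else {
            # A Run value pointing at a file that no longer exists is itself worth a look
            # (deleted dropper, or a command line this parser did not understand).
            $entry.MD5 = $null; $entry.SHA1 = $null; $entry.Signed = $false; $entry.IOCMatch = $false
        }
        [pscustomobject]$entry
    }
}
```

Run it as `.\Get-AutorunHashes.ps1 -KnownBadHashes @('<md5>', '<sha1>') | Where-Object { $_.IOCMatch -or -not $_.Signed } | Format-List` (the script name is an assumption) to surface only entries that match an IOC or are unsigned. Run keys are only one of many autostart locations; services, scheduled tasks and the Winlogon and Explorer shell keys should be reviewed as well, since the advisory does not say which mechanism this sample uses.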