1. /
  2. Security Response/
  3. Linux.Chapro


Risk Level 1: Very Low

December 20, 2012
April 3, 2013 2:47:07 PM
Systems Affected:
Linux.Chapro is a Trojan horse that injects a malicious iFrame tag into open Web page files. It also downloads a copy of Trojan.Zbot on to the compromised computer.

Note: Virus definitions dated April 3, 2013 or earlier may have detected this threat as Linux.Apmod.

Antivirus Protection Dates

  • Initial Rapid Release version December 20, 2012 revision 007
  • Latest Rapid Release version July 22, 2013 revision 032
  • Initial Daily Certified version December 20, 2012 revision 009
  • Latest Daily Certified version July 23, 2013 revision 002
  • Initial Weekly Certified release date December 26, 2012
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment


  • Wild Level: Low
  • Number of Infections: 0 - 49
  • Number of Sites: 0 - 2
  • Geographical Distribution: Low
  • Threat Containment: Easy
  • Removal: Easy


  • Damage Level: Medium
  • Payload: Downloads more malware on to the compromised computer.
  • Modifies Files: Injects iFrame HTML code into open Web page files.


  • Distribution Level: Low
Note: On May 14, 2015, modifications will be made to the threat write-ups to streamline the content. The Threat Assessment section will no longer be published as this section is no longer relevant to today's threat landscape. The Risk Level will continue to be the main threat risk assessment indicator.
Writeup By: Branko Spasojevic

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report