Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

De la Théorie à la pratique





















Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Panda Security’s weekly report on viruses and intruders

November 2008 by Panda Security

This week’s PandaLabs report looks at the BankoLimb.BW and Spammer.AKE Trojans and the Nakhatar.A worm. BankoLimb.BW modifies the Web pages of banks in order to steal users’ passwords when they access the page.

To do this, it registers as a Browser Helper Object (BHO), so it can monitor the pages users visit on the Internet. When a user visits a certain banking Web page, the Trojan injects its HTML code into the page and captures all information entered. This is then sent to the creator of the Trojan.

As if this wasn’t dangerous enough, this Trojan allows remote execution of code permitting an external attacker to control the system.

Spammer.AKE is designed to send junk mail to email addresses from infected computers. Once it has infected a computer, it downloads a file from the Internet containing addresses to spam and the subjects to use. These include:

- Hoje vai ser especial

- Uma longa jornada

- Palavras dos maiorais

- Um seculo de sabedoria

These messages contain a link claiming to point to some photos but which actually take users to a malicious file.

Nakhatar.A. installs on computers disguised as a Windows folder. When run, it closes some security and registry monitoring tools. It also disables other options including the Windows Task Manager.




See previous articles

    

See next articles