iEntry 10th Anniversary RSS Archive

IT Management Begins With Security
SecurityProNews > News > Security News > Crimeware Trojan Detected
Search:
[ news_security_news ]

Crimeware Trojan Detected



SecurityProNews
Staff Writer
2006-03-21

SecurityProNews: Insider Reports Insider Reports RSS Feed


PandaLabs has detected a new Trojan called Trj/Briz.A, whose main aim is to steal personal user data from affected computers. This code stands out because it specializes in stealing bank details and data from web forms and that its author customizes the code for hackers.

The code creation system gives hackers the option to generate a Trojan that cannot be detected by any antivirus protection, as the author checks it every day.

Apart from the code, cyber-crooks that buy this crimeware also get a complex system for controlling the status of the infection caused by the custom Trojan. This allows the client to get a list containing a large quantity of data about the infected computers: IP addresses, passwords and even the physical location of the computers. In this way, the cyber-crooks can always have their malicious activity under control.

PandaLabs is working, along with other companies to analyze and close all the sites related to this Trojan. The file that causes the Trj/Briz.A infection is called "iexplore.exe" It uses this name to pass itself off as Internet Explorer.

When it is run, it downloads different files and stops and deactivates Windows Security Center services and Shared Internet Access. It also collects information on programs like Outlook, Eudora and The Bat, which it sends to the attacker.

To make it difficult to detect and disinfect the Trojan, it also modifies the hosts file to prevent access to websites related to antivirus products.

This Trojan is the most complex example of the business network based on malware. Where as hackers used to create malicious code to simply have fun, they now have direct financial goals, designing their creations based on a criminal business model.

TruPrevent Technologies incorporated in Panda Software's solutions have detected this code without needing to be able to identify it first.


About the Author:
SecurityProNews is a daily online and email publication focusing on internet security issues.

More news_security_news Articles

SecurityProNews: Insider Reports Insider Reports RSS Feed

Get Your Site Submitted for Free in the World's Largest B2B Directory!

Email Address:
* URL:
*
*Indicates Mandatory Field

Terms & Conditions

iEntry Featured Services: Jayde Member Services | Forums | Freeware | Advertise with Us

Contact Us | Advertise | Newsletter Archive | Sitemap | Submit an Article | News Feeds
SecurityProNews is an iEntry, Inc.® publication - All Rights Reserved | Privacy Policy and Legal		 Join the WebProWorld Forums: Click Here
Virus Warnings

Subscribe to
SecurityProNews FREE!


[ more newsletters ]

Featured On:
article resources
Search Articles:
[advanced search]

WebProWorld.com
Get in-touch with industry experts and leaders
Post your site for review by expert and peers
Ask Security, IT, Development and Design questions

Free Membership: Join Now!

Visit WebProWorld.com

Titan Quest Forum
The #1 Titan Quest forum
Halo 3 Forum
The best Halo, Halo 2, Halo 3 forum
Nintendo Wii
Nintendo Wii news and views
Mac Software
The best in OS X freeware
Graphics Forum
Your source for graphic tutorials
SecurityProNews.com | Breaking eBusiness News Get Your IT Questions Answered - Click Here SecurityProNews News Feeds