|
|
|
google unix.com
|
|||||||
| Forums | Register | Forum Rules | Links | Albums | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
| Malware Advisories (RSS) Malware Security Advisories Via RSS |
More UNIX and Linux Forum Topics You Might Find Helpful
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Troj_zbot.op | iBot | Malware Advisories (RSS) | 0 | 07-17-2008 11:50 PM |
| Troj_zbot.nj | iBot | Malware Advisories (RSS) | 0 | 07-10-2008 01:10 AM |
| Troj_zbot.mz | iBot | Malware Advisories (RSS) | 0 | 06-30-2008 02:10 PM |
| Troj_zbot.lm | iBot | Malware Advisories (RSS) | 0 | 06-27-2008 05:10 AM |
| Troj_zbot.mh | iBot | Malware Advisories (RSS) | 0 | 06-18-2008 10:20 AM |
Powered by 
|
|
|
LinkBack | Thread Tools | Search this Thread | Rate Thread | Display Modes |
07-26-2008
|
|||||
|
|||||
|
Troj_zbot.pk
This Trojan arrives as a downloaded file from a certain URL.
It downloads a configuration file from a certain Web site. The said file contains information where the Trojan can download an updated copy of itself, and where to send its stolen data. This configuration file also contains targeted bank-related Web sites to monitor from which it steals information. Once users access any of the monitored sites, this Trojan starts logging keystrokes. It saves gathered information in a file then sends it to a remote site through HTTP post. It creates a mutex to ensure that only one instance of itself is running in memory. It checks for the presence of processes which are related to Outpost Personal Firewall and ZoneLabs Firewall Client. It then terminates the said processes. It has rootkit capabilities, which enables it to hide its processes and files from the user. More... |
| Bookmarks |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
Threaded Mode
