Bkdr_reload.p


 
07-13-2008

This backdoor arrives on a system as a file dropped by other malware or as a downloaded file from a malicious Web site.

It monitors the Internet Explorer activities of the affected system, specifically the address bar. If a user visits any of the monitored sites, this backdoor recreates the legitimate Web site with a spoofed login page. This routine tricks the user into giving out sensitive account-related information. It logs keystrokes entered by the user in the user name and password fields of the spoofed login page. It then closes the legitimate Web site once the backdoor recreates it.

This backdoor attempts to steal users' online banking information and saves it in the file LOGFILE1.TXT. This routine risks the exposure of the user's account information, which may then lead to the unauthorized use of the stolen data.

It then sends the data it gathers to a public email address that uses the smtp.terra.com.br domain server, using its own Simple Mail Transfer Protocol (SMTP) engine.
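
A detection sketch for the two artifacts named above (the LOGFILE1.TXT capture file and direct SMTP to smtp.terra.com.br), added here as an example and not part of the original advisory. The event format, host names, relay name and file paths are constructed assumptions; only the server name and the file name come from the advisory.

```python
"""Flag workstations that create the capture file or speak SMTP past the relay."""
import csv
import io

SMTP_PORTS = {25, 465, 587}
ADVISORY_HOST = "smtp.terra.com.br"      # mail server named in the advisory
ADVISORY_FILE = "logfile1.txt"           # capture file named in the advisory
APPROVED_RELAYS = {"mail.corp.example"}  # assumption: the site's own mail relay

# Constructed sample events (not real telemetry): time,host,event,target,port
SAMPLE_EVENTS = r"""
2008-07-13T09:00:01,ws-014,net_connect,mail.corp.example,25
2008-07-13T09:02:17,ws-022,file_create,C:\example\LOGFILE1.TXT,
2008-07-13T09:02:40,ws-022,net_connect,smtp.terra.com.br,25
2008-07-13T09:05:12,ws-031,net_connect,smtp.other.example,587
2008-07-13T09:06:00,ws-031,file_create,C:\example\notes.txt,
"""

def parse(text):
    fields = ("time", "host", "event", "target", "port")
    return [dict(zip(fields, row)) for row in csv.reader(io.StringIO(text.strip()))]

def score_hosts(events):
    """Return {host: sorted list of findings} for hosts with at least one hit."""
    findings = {}
    for ev in events:
        target, hit = ev["target"].lower(), None
        if ev["event"] == "net_connect" and int(ev["port"]) in SMTP_PORTS:
            if target == ADVISORY_HOST:
                hit = "smtp-to-advisory-host"
            elif target not in APPROVED_RELAYS:
                # Workstations normally hand mail to the relay; direct SMTP
                # is what a malware-embedded SMTP engine looks like on the wire.
                hit = "smtp-bypasses-relay"
        elif ev["event"] == "file_create":
            name = target.replace("\\", "/").rsplit("/", 1)[-1]
            if name == ADVISORY_FILE:
                hit = "advisory-logfile-created"
        if hit:
            findings.setdefault(ev["host"], set()).add(hit)
    return {host: sorted(hits) for host, hits in findings.items()}

def triage(findings):
    """Order hosts so those showing both advisory artifacts come first."""
    both = {"advisory-logfile-created", "smtp-to-advisory-host"}
    return sorted(findings, key=lambda h: (not both <= set(findings[h]), h))

if __name__ == "__main__":
    results = score_hosts(parse(SAMPLE_EVENTS))
    for host in triage(results):
        print(host, results[host])
```

The generic `smtp-bypasses-relay` finding goes beyond the advisory's single server name, since the destination address is easy for a variant to change while the direct-SMTP behaviour is not.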


