Spyware Warrior :: View topic - Trojan redirector targeting more than 100 banks

Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances

FAQ :: Search :: Memberlist :: Usergroups :: Register

Profile :: Log in to check your private messages :: Log in

Trojan redirector targeting more than 100 banks

Spyware Warrior Forum Index -> Virus, Worm &Trojan Alerts

View previous topic :: View next topic

Author

Message

quietman7
Warrior Addict

Joined: 20 Dec 2004
Last Visit: 28 Mar 2012
Posts: 768
Location: Virginia, USA

Posted: Mon Mar 20, 2006 9:42 am Post subject: Trojan redirector targeting more than 100 banks

Quote:

Websense® Security Labs™ has received reports of a Trojan Horse which targets users of more than 100 financial institutions in the United States and Europe. Once installed on a user's machine, the malicious code checks to see if there is an active window open (either "my computer" or Internet Explorer). If one of these applications is not open, the malicious code modifies the contents of the hosts file on the local machine with a list of sites all pointing to localhost (127.0.0.1).

The web server uses the hostname received to serve up pages for that particular target. There are more than 100 different phishing brands hosted on this site, all with unique pages for the particular attack.

See screenshots here: http://www.websensesecuritylabs.com/alerts/alert.php?AlertID=447
_________________
Microsoft MVP - Consumer Security 2007-2012

Member of UNITE, Unified Network of Instructors and Trusted Eliminators

Display posts from previous:

	Spyware Warrior Forum Index -> Virus, Worm &Trojan Alerts	All times are GMT - 8 Hours
Page 1 of 1

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum