This is a very dangerous spyware which lures the users perform tasks that may result in malicious routines or programs on their programs. It comes as a Christmas card and deceives the user that they are not accessing any malicious sites.
Effects:
- It downloads a configuration file from a remote URL that contains a list of online sites to monitor
- Bypasses the Firewall which allows attackers to inject the malicious code
- Monitors Browsing History that invokes key loggers to log the data file
- Sends the gathered data to remote sites which helps the attacker to do malicious activities.
- It modifies registry entries to enable its automatic execution at every system startup and the hosts files that will disable some sites being used by the user.
- This will enable try to steal sensitive data like banking information, user names and passwords
- It attempts to steal information, such as user names and passwords, used when logging into certain banking or finance-related websites
- It terminates the process outpost.exe and zlclient.exe if they are existing on the system which helps it to run uninterrupted.
- It also has rootkit capabilities, which enables it to hide its processes and files from the user.
0 comments:
Post a Comment