This week's PandaLabs report deals with the BatGen.D malicious tool and
the Sinowal.VUW and YahooPsw.S Trojans.
BatGen.D is a tool used by cyber-crooks to generate malware.
Once run, the tool displays a short tutorial on how to create the
desired malware, starting with its name. Once named, the malicious code
is copied to c:\chosen_name.bat.
With this tool cyber-crooks can choose, just with a click, the malicious
actions to be performed by their creations on infected computers:
spread across P2P networks, infect .rar files, shut down the victim's
computer at random, etc. You can see a photo of the console here:
http://www.flickr.com/photos/panda_security/2968157479/
"These tools make it extremely easy to create malware strains and they
are behind the current avalanche of malware, with an average of ten
thousand new malware strains detected every day", explains Luis Corrons,
Technical Director of PandaLabs.
The Sinowal.VUW Trojan, a member of one of the most dangerous malware families,
is designed to intercept applications and monitor Web pages visited. The
Internet addresses of these pages are compared to those of a Spanish
bank. If they match, the access credentials are stored and the user is
prompted to enter a set of banking data. This data is then sent to the
Trojan creator through a Web page.
Also, the Trojan installs a rootkit on the MBR (Master Boot Record, or
"zero sector") to avoid detection by security solutions.
YahooPsw.S reaches computers with a barcode icon. This Trojan is
designed to steal Yahoo! Messenger passwords. To do this:
* It acts as a keylogger.
* It captures screenshots.
* It logs mouse movements.
The stolen data is sent to several email addresses.
Finally, this week PandaLabs has reported on the relationship between
stock market trends and malware. According to Panda Security's lab, there
is a close relationship between the stock market decline and the malware
surge. More information at
http://www.pandasecurity.com/spain/homeusers/media/press-releases/viewnews?noticia=9407