PandaLabs informs that over the last few days, several variants of the Haxdoor family of Trojans have emerged. These Trojans use rootkit functions and try to steal confidential user details in order to commit online fraud and identity theft.
The new variants of Haxdoor detected by PandaLabs have several common characteristics. These characteristics include their capacity to install a rookit -a program designed to hide objects, such as processes, files, or entries-. The Haxdoor Trojans use this rootkit to hide themselves on the computer from both the user and the majority of traditional security solutions.
Similarly, all of the new variants detected are designed to steal passwords for popular Internet services, such as eBay, ICQ, Pay Pal or Web Money, and for many email clients, including Outlook Express or The Bat! A malicious user could use these details to carry out online fraud and identity theft.
These Trojans also make the necessary modifications so that the firewall installed on the computer authorizes their malicious processes. By doing this, they ensure that there are no obstacles to prevent them from sending out the stolen data.