New Trojan variant steals confidential usernames and passwords

A Trojan variant named “Win32.LdPinch.kj” can steal system usernames and passwords, get confidential data from applications and open a Backdoor in the compromised computer, say security experts at MicroWorld Technologies.
 
The multi-pronged malware comes as a hidden component of many free utilities and other greyware downloaded from the Internet. Once it infects a computer, the Trojan adds the URLs of many malicious Russian websites to the Favorites folder and changes the registry so that the Trojan is activated automatically every time Windows is started.
 
Win32.LdPinch then steals authentication data of computers and application software and emails it to the malware author. The attacker can use it for hacking into the victim’s computer or performing operations in the compromised accounts.
 
It also comes with a Backdoor component which enables the blackhat to take over the computer. Sulabh Mahant, a Security Analyst with MicroWorld Technologies, explains, “The Backdoor connects to the intruder via IRC channels. Now the hacker can run a remote command shell, upload and download files, create a network proxy, log on to malicious websites and download files from the Internet. Before you know, your computer is at the mercy of a man who has no face!”
 
An information-stealing Trojan can become nightmarish for organizations if it manages to sneak into systems storing highly confidential and strategic files. As a result, the use of such Trojans in corporate espionage has risen dramatically over the last few years. For a home user, it can cost dearly by way of theft of credit card and bank accounts, e-wallets and online game accounts.