Bugsalert.com
Security News about Viruses, Spyware,
Trojans, Malware, XSS attacks.
Home | Recent | Sitemap

TROJ_QHOST.JJ
BugsAlert Home > TROJ_QHOST.JJ
 
 

This Trojan arrives as a file dropped by other malware. It may also be downloaded by an unsuspecting user when visiting malicious Web sites.

Upon execution, it file drops a copy of itself in the current user's Temporary folder.

It modifies the HOSTS file resulting in redirecting the user to a certain IP address whenever any of certain banking-related sites are accessed.

It also opens a spoofed login page when a user accesses any of the monitored Web sites.

It attempts to retrieve information related to Mexico?s Banamex. It steals user names and passwords used in the aforementioned Web sites.

It uploads stolen information to a certain IP address.




Original Source: http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=TROJ_QHOST.JJ

Learn more about TROJ_QHOST.JJ
 
Tags: troj qhost.jj

Related Items
      CVE-2008-0772 (com_doc)

      CVE-2008-2267 (CMS Made Simple)

      PE_MABEZAT.B-O

      CVE-2008-2926 (Internet Security Suite 2007, Internet Security Suite 2008, personal_firewall_200...)

      FrSIRT - Vignette Content Management Privilege Escalation Vulnerability

      OSSIM Cross-Site Scripting and SQL Injection Vulnerabilities

      CVE-2008-3838 (Solaris, opensolaris)

 
© 2007-2009 BugsAlert.com Original template by Arcsin Hosted By 1and1


Pixel