Fake Super Rabbit stolen Trojan broke the QQ soft keyboard

Recently, micro-point active defense software to automatically capture a "TROJAN-PSW.WIN32.QQPASS.FBT" of the Stolen Trojan horse. The QQ theft Trojan is currently raging on the network, reminding customers to increase vigilance. After micro-point anti-virus expert analysis, the QQ theft Trojan also "covers" a variety of current hacker technology, delete a variety of anti-virus software and firewall startup items, so that it can not start automatically when the boot, turn off automatic Updates, trying to use the automatic playback function to trigger the Trojan program running; monitor all open forms, Forcibly close the name contains "Qqkav", "Qqav", "anti-virus" and other words of the form, the virus file into the QQ part of the process, through the hook to obtain QQ number and password, will be stolen account number and password sent to hackers through the mail.

According to the micro-point anti-virus experts, the virus in the name of the well-known software "Super Rabbit" icon to confuse users (shown in Figure 1), with great deception. In addition, hackers in the preparation of the virus to try to break through the QQ soft keyboard password protection technology. "QQ Soft Keyboard password protection" (shown in Figure 2) is the QQ2006 official version of the new user login password protection measures: Users login QQ input password, you can click on the soft keyboard keys to enter the password, at the same time, every time Open QQ login window, soft keyboard key values are randomly changed, To ensure that the password entered is not stolen by the keyboard record Trojan. And the author of the theft Trojan Horse is the use of some of the user habits and inertia psychology: the use of a soft keyboard landing QQ window, through the mouse click to enter the password can be guaranteed password security is not stolen. In fact, the QQ theft Trojan has taken into account the QQ soft keyboard password protection of the use of security measures, the Trojan program activation, trying to intercept the soft keyboard window issued by the text message to obtain the user through the soft keyboard input account information, thereby breaking soft keyboard password protection technology.

Figure 1 for the QQ stolen Trojan sample diagram

Figure 2 for QQ soft keyboard password protection function

The diagram is a warning chart of security software with active defense function

Figure is a known feature alarm map after the micro-point upgrade

Micro-point Anti-Virus experts remind you: the theft Trojan is extremely cunning and covert, very harmful. Remind the broad masses of netizens to use security software to check the system security in time. Active defense technology can completely eliminate this type of theft Trojan on the user's obsession, we recommend that the majority of users to use active defense security software, and completely eliminate the harm of such viruses.