Fake Super Rabbit with Trojan Code breaks through QQ's soft keyboard password protection

Recently, the micro point active defense software automatically capture a trojan named "Trojan-PSW.Win32.QQPass.fbt. This QQ account theft Trojan is currently rampant on the network, reminding users to be vigilant. According to the analysis by micro-point anti-virus experts, this QQ Trojan simultaneously "contains" a variety of currently popular hacker technologies and deletes startup items of various anti-virus software and firewalls, making them unable to automatically start upon startup; disable Automatic update, and attempt to trigger the trojan program by using the automatic playback function. monitor all opened forms and forcibly disable the forms containing the words "QQKav", "QQAV", and "Antivirus" in the names, inject the virus file into some processes of QQ. After obtaining the QQ number and password through the hook, the stolen account and password are sent to the hacker via email.

According to micro-point anti-virus experts, the virus uses the icons of the well-known software "Super Rabbit" to confuse users (as shown in figure 1), which is highly deceptive. In addition, hackers attempted to break through the QQ soft keyboard password protection technology when writing the virus. "QQ soft keyboard password protection" (Figure 2) is a new protection measure for user login and password input in the official version of QQ2006: when a user logs on to QQ and enters the password, you can click the key on the keyboard to enter the password, and each time you open the QQ login window, the key value on the keyboard changes randomly to ensure that the entered password is not stolen by the keyboard record Trojan. Hackers who write this trojan take advantage of some users' habits and inertia: they think that they use a soft keyboard when logging on to the QQ window, by clicking and entering the password, you can ensure the security of the password is not stolen. In fact, this QQ account theft trojan has taken into account the security measures used to protect the password of the QQ soft keyboard. After the trojan program is activated, attackers try to intercept text messages sent from the keyboard window to obtain the account information entered by the user through the keyboard, thus breaking through the password protection technology of the keyboard.

Micro-point anti-virus experts remind users that this trojan is extremely tricky and concealed, causing great harm. Remind the majority of users to use security software to check system security in a timely manner. Active Defense Technology can completely eliminate user-related problems caused by such Trojan horses. We recommend that you use active defense security software to completely eliminate the dangers of such viruses.