This week, new Trojans steal money and passwords.

Banker. HIK is one of the more widely spread "banker Trojan" malware. It is used to steal information about online applications. It mainly steals information about Brazilian bank users, such as Banco do Brasil or CEF. It will display a false page and trick the user into entering the bank information. Once the user enters the information, the Trojan can use the information freely.

Banker. HIK can also monitor the transmission of information on specific webpages to obtain more user data. The trojan will copy itself to the start bar of the system's "start" menu, so that the trojan will run every time the computer starts. One of the tricks of Banker. HIK is to display the "Socket Error #11004" message, so you can find the trojan based on this.

The second trojan in the report is Wsnpoem. AW, which can also steal user passwords. This malicious code will delete all Cookies on the computer, which forces the user to re-enter the address to access in the address bar.

Wsnpoem. AW also modifies or creates related files in the Registry and start menu, so that the trojan runs automatically whenever the computer starts. The trojan will create the mutex "_ system1_64ad0625 _" mutex, which is a process in memory and will prohibit two duplicates from running at the same time.

Dadlam. A is another trojan in this week's virus report. This trojan is a key-record Trojan, which poses less threat to users. This trojan hides itself from the video icon and displays the video content with pornographic information to fool users. In addition, Dadlam. A can modify the boot. ini file and create A task plan to restart the computer.

The main threat of Dadlam. A is that it can introduce two types of malicious programs to the victim computer. The first type is IRCbot. ASM, which is a backdoor Trojan that scans all computer ports to find the most vulnerable one. The second is called Downloader. OBW, which downloads other malware to the victim computer.

Dadlam. A cannot be transmitted by itself. It requires user participation to access the computer through normal channels, including downloading another malware to the computer or downloading it to the computer through A malicious web page.

========================================================== =====

Reference: This week's trojans: Banker. HIK, Wsnpoem. AW and Dadlam. A