Today's virus warning: Beware of "online game thieves" Stealing players' account passwords

Source: Internet
Author: User
Tags remote ftp server

Beware of "online game thieves" Stealing game player account passwords

Jiang min reminds you today (September 23) that: In today's virus, TrojanDownloader. VBS. Small. bo "Small dot" variants bo and Trojan/PSW

The. GamePass. yln "online game thieves" variant yln is worth noting.

Virus name: TrojanDownloader. VBS. Small. bo

Chinese name: "Xiao Bu Dian" variant bo

Virus length: 287 bytes

Virus Type: Trojan download

Hazard level:★

Affected Platforms: Win 9X/ME/NT/2000/XP/2003

TrojanDownloader. VBS. Small. bo the "Small dot" variant bo is one of the latest members of the "Small dot" Trojan downloader family and is written in VBScript language. The "Small dot" variant bo is usually embedded in a malicious webpage. If the user's computer does not install the corresponding vulnerability patch released by Microsoft, when a user uses a browser to access a malicious webpage with the "small dot" variant bo, the user will connect to the remote FTP server specified by the hacker in the background of the infected computer, download malicious programs and execute them automatically on infected computers. The downloaded malicious programs may include web game Trojan Horse, backdoor gray pigeon, and multi-function Trojan downloader, reducing the security level of infected computers and causing losses to users.

Virus name: Trojan/PSW. GamePass. yln

Chinese name: yln, the "Online Game thief" variant

Virus length: 10240 bytes

Virus Type: Trojan

Hazard level:★★

Affected Platforms: Win 9X/ME/NT/2000/XP/2003

Trojan/PSW. GamePass. yln the yln variant "online game thief" is one of the newest members of the "online game thief" Trojan family. It is written in C and shelled. After the yln variant of "online game thief" is run, it copies itself to the specified directory of the infected computer. Self-injection is carried to the zookeeper er.exe process in the infected computer system to hide itself and prevent it from being killed. Modify the Registry to enable automatic startup of Trojans. Secretly monitors the title of a window opened by a user in the background, and steals information about gamers, such as the game account, game password, repository password, role level, and computer name of online game players, the stolen confidential information is sent to the remote server specified by the hacker in the background, causing loss of the player's game account, equipment, items, money, etc., causing great losses to the game players.

According to rising global anti-virus monitoring network, a virus is worth noting today: "Agent Trojan variant YQO (Trojan. Win32.Agent. yqo. The virus will automatically send a message named "IMG -????. Zip "(???? Is four random numbers), the user will be poisoned after the operation.

Popular Viruses today:

"Agent Trojan variant YQO (Trojan. Win32.Agent. yqo)" virus: vigilance★★★☆Worms spread through MSN, depending on the system: WIN 9X/NT/2000/XP.

This virus will automatically send "zhe shi wo de luozhao: o qing bu yao fa gei bieren!" via MSN !!." , "Yi zhang wo gen wo pengyou zui hao de zhaopian: s !!." "Here are my private pictures for you (my private photo for you)" and other tempting information will then try to send a message named "IMG -????. Zip "(???? Contains four random numbers, for example, img-0356.zipw.img-1574.zipw.img-1715.zipw.img-3606.zip. The user will be poisoned after receiving the operation. In addition to spamming MSN messages, the virus also tries to connect to the IRC server "www. vnc ***. com" to allow hackers to remotely control the computer infected with the virus.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.