New Version of the Gozi Trojan tries to use PDFs to Access Your Computer
Published by Sierra Monica B., on October 26th, 2007 5:56 pm, in the categories: Software
The version of the Gozi Trojan was discovered this Tuesday while Russian hackers started to spread malware-tainted PDF files used to hijack computers remotely and steal all financial-related data.
This way, the Adobe PDF Reader is transformed into a malware installer that loads the Trojan on the computers.
Don Jackson, a researcher for SecureWorks, warns Adobe Reader’s and Acrobat’s users to upgrade immediately to the newest version.
He also highlighted the fact that only 26% of the antiviruses are offering protection against this malware type.
Here are a few names under it can be detected: OrderGun, Germ, Orderjack, Pinch, Small.BS, Ursnif, Snifula and CWS.
The Gozi Trojan is based on Winsock2 functionality that permits it to snoop on traffic even when it is protected in Secure Socket Layer sessions.
More than that is using customized server/database code to collect the sensitive data.
Read more details about how it acts here.
(No Ratings Yet)
If you liked this post, subscribe to our blog by email:
Be the first one to comment!