Panda Security’s weekly report on viruses and intruders
December 2008 by Panda
This week’s PandaLabs report looks at the BankerFox banker Trojan, the Azero.B virus and the P2PShared.U worm, distributed through a fake McDonald’s email message.
Banker.LAX is designed to steal bank details. To do this, it drops a library on targeted computers passing itself off as a legitimate Firefox plug-in. Then, if the user accesses the website of their bank, the malicious code will capture all the information entered. The malware creator will then use this information to empty the users’ accounts. This malware can steal passwords from more than one hundred banking institutions.
"Oddly enough, this Trojan affects Firefox only, whereas cyber-criminals usually exploit Internet Explorer", says Luis Corrons, technical director of PandaLabs. "The reason for this is the increasing number of people who are using this Internet browser. As always, cyber-crooks target the most popular tools to affect as many users as possible. It is very likely that we will see more attacks like this in the future."
Azero.B is a virus designed to infect executable files by inserting malicious code at the beginning of their code. Also, it replaces the computer wallpaper with an image with the following text: ""Hello Administrator! If you have seen me you are same as a Fool guy" .
Also this week PandaLabs has discovered a fake email message that pretends to be a special Christmas promotion from McDonald’s but really is a bait to spread the P2PShared.U worm.
The message subject is "Mcdonalds wishes you Merry Christmas!" and the text body reads as follows:
"McDonald’s is proud to present our latest discount menu. Simply print the coupon from this Email and head to your local McDonald’s for FREE giveaways and AWESOME savings."