It is designed to steal usernames and passwords associated with a variety of popular websites such as YouTube, Google and PayPal, but also those linked to Chinese websites such as youku.com, tudou.com, sogou.com and soho.com. Taking that information together with the fact that the Trojan sends the stolen credentials to a server located in China, you can see why the researchers believe it comes from that country.
But there is another thing that piqued their interest. Contrary to the typical behavior of Trojans, which try to modify registry keys or take advantage of the autorun feature to ensure they will be run, this one looks for shortcuts located on the desktop or in special folders.
Then it makes copies of itself and places them in the folders containing the linked files (often executables), renames those linked files to click_[original-file-name].exe and gives its copies the names of the originally linked files.
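
The renaming scheme leaves a recognizable layout on disk: a click_[name].exe file sitting next to [name].exe in the same folder. The Python sketch below is an added example, not code from the researchers or from the original article; it walks a directory tree looking for such pairs and then groups the suspect files by SHA-256. The function names are hypothetical, and the grouping step assumes the copies are byte-identical, which the article does not state.

```python
import hashlib
import os
import sys
from collections import defaultdict

PREFIX = "click_"  # rename prefix described in the article


def sha256_of(path):
    """Hash a file in chunks so large executables are not read into memory at once."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def find_hijacked_pairs(root):
    """Return sorted (suspect_copy, displaced_original) path pairs under root."""
    pairs = []
    for folder, _dirs, files in os.walk(root):
        by_lower = {f.lower(): f for f in files}  # Windows names are case-insensitive
        for lower, actual in by_lower.items():
            if lower.startswith(PREFIX) and lower.endswith(".exe"):
                sibling = by_lower.get(lower[len(PREFIX):])
                if sibling:  # <name>.exe exists beside click_<name>.exe
                    pairs.append((os.path.join(folder, sibling),
                                  os.path.join(folder, actual)))
    return sorted(pairs)


def group_by_hash(pairs):
    """Map SHA-256 -> suspect paths, keeping only hashes seen at least twice."""
    # Assumption: copies are byte-identical, so one hash under several program names is a strong signal.
    groups = defaultdict(list)
    for suspect, _original in pairs:
        groups[sha256_of(suspect)].append(suspect)
    return {digest: paths for digest, paths in groups.items() if len(paths) > 1}


if __name__ == "__main__":
    found = find_hijacked_pairs(sys.argv[1] if len(sys.argv) > 1 else ".")
    for suspect, original in found:
        print(f"suspect: {suspect}  displaced original: {original}")
    for digest, paths in group_by_hash(found).items():
        print(f"identical copies {digest[:16]}: {paths}")
```

A single pair can be a legitimate coincidence, so treat the name match as a lead; the same hash appearing under several unrelated program names is the stronger indicator.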