Europe Threats
August 2007
Spyware Up Close:
Monster.com recently had a Trojan (Infostealer.Monstres) infect its network, and it stole more than
1.6 million personal records. Criminals used the stolen names, e-mail addresses, home addresses,
phone numbers and resume identification numbers to create convincing e-mail messages that contained
malicious code. Some of those messages included Banker.c, a password-stealing Trojan horse that
monitored the infected PC for log-ons to online banking accounts. When it sniffed a log-on in process,
Banker.c recorded the username and password, then transmitted the data back to the hacker's server.
Monster.com has identified the rogue server that was being utilized by the hacker and has shut it
down. Monster.com has stated that it is reaching out to all affected users and will continue to
monitor the situation.
WEBROOT SOFTWARE, INC. WORLD HEADQUARTERS:
2560 55TH STREET • BOULDER • COLORADO • 80301 • USA
PHONE: 1.800.772.9383 • FAX: 303.442.3846
Adware
Adware is advertising-supported software that displays pop-up advertisements. Adware is often bundled
with or embedded within freeware programs like screensavers, file sharing applications, messengers, etc.
Although seemingly harmless, some adware programs track your Web surfing habits and deliver that
information to a third party.
Worst case scenario: Adware may track a user’s online habits and transmit this information to a third
party. Additionally, Adware delivers pop-up ads which can cause overall system performance issues and
dramatically slow your web browser.
Threat Name                  Rank  Threat Level
Hotbar/Zango                 1     Low
Lopdotcom                    2     Critical
Virtumonde                   3     Critical
180search Assistant/Zango    4     Low
DriveCleaner                 5     High
CoolWebSearch                6     Very High
WhenU SaveNow                7     Low
MediaPipe                    8     High
Maxifiles                    9     Very High
One2one Viewer               10    High
Trojans
A Trojan horse is a program that allows a hacker to make changes to your computer. Typically, a Trojan
will install itself on your computer without prior knowledge or consent. Unlike viruses, a Trojan does not
replicate itself. A Trojan usually disguises itself as a harmless software program and is acquired by
clicking on Internet pop-ups, downloading software, or by opening an e-mail attachment. Once installed on
your computer, Trojans have the ability to create, delete, rename, view, or transfer files to and from your
computer. Trojans may use a program manager that allows a hacker to install, execute, open, or close
software programs. The hacker may have the ability to open and close your CD-ROM drive, gain control of
your cursor and keyboard, and even send spam by sending mass e-mails from your infected computer. A
Trojan typically runs in the background, hiding its presence.
Worst case scenario: A third party may gain access to your computer and steal your identity or download
so much spyware that it renders the computer useless.
Threat Name                  Rank  Threat Level
Trojan Downloader-Zlob       1     Critical
Trojan-Ace-X                 2     Critical
Trojan Agent Winlogonhook    3     Critical
Trojan-DNSChanger            4     Critical
Trojan.Gen                   5     Very High
Trojan-Backdoor-EGroup       6     Very High
Trojan-Agent.Gen             7     Very High
Trojan Downloader Matcash    8     Critical
Trojan-Downloader-Aux        9     Very High
PWS-Banker.gen.bb            10    Critical
System Monitors
A System Monitor is tracking software used to monitor computer activity. System Monitors range in
capabilities and may monitor some or all of the following:
- Key strokes
- E-Mails
- Chat room conversations
- Instant Messaging
- Websites Visited
- Running Programs
- Time spent on the computer
- Usernames
- Passwords
Information on these activities is gathered via remote access or sent by e-mail to a third party and then
stored for future use or sold to another party.
Worst-case scenario: A third party may be able to view your personal conversations and may gain access
to private information such as usernames, passwords, credit card numbers, or Social Security Numbers.
Threat Name                        Rank  Threat Level
Sc-Keylog                          1     Critical
Mail PassView                      2     Critical
Family Keylogger                   3     Critical
SpyArsenal IRC Logger              4     Critical
Chat Blocker                       5     Critical
Ardamax Keylogger                  6     Critical
Golden Eye Cookie                  7     Critical
Golden Keylogger                   8     Critical
Hookdump                           9     Critical
Advanced Stealth Email Recorder    10    Critical