Name: Trojan.BeH
Type: Trojan
Danger Level: 6
Category Description: Trojans are malicious applications that pose as legitimate software in order to trick users into installing them. Once on the victim's machine, a trojan may run any number of malicious processes to steal vital information or inflict damage on other software.
Comment: If an end user clicks on a malicious link passed to them via Instant Messaging, Remote Administration Server, a commercially available application produced by Famatech, is automatically installed via a file named "beh.exe". The install is designed to hide the application in the systray with no interaction from the end user. Once this application is installed, the end user's computer is compromised and can be accessed remotely, at which point additional malware applications can be installed on the desktop.
One application of note is "Carder", a Perl script designed specifically to uncover exploits in several shopping cart applications, including Comersus Cart, CactuShop, CCBill and others, that are used by many popular ecommerce sites. If a vulnerability is identified by this script, the backend database containing credit card and account information (e.g. credit card numbers, home addresses, usernames and passwords) may be stolen from the ecommerce site. Personal information may also be stolen from the infected PC itself through Protected Storage PassView from NirSoft, another application that can be remotely loaded onto infected PCs.