Contact
QR code for the current URL

Story Box-ID: 841726

Doctor Web Deutschland GmbH Quettigstrasse 12 76530 Baden-Baden, Germany http://www.drweb-av.de
Contact Ms Patricia Kneis +49 89 62817512
Company logo of Doctor Web Deutschland GmbH
Doctor Web Deutschland GmbH

Der Doctor Web Virenrückblick für Februar 2017

(PresseBox) (Frankfurt, )
Die Virenanalysten von Doctor Web entdeckten im Februar 2017 einen weiteren Bankentrojaner. Dieser bettet fremde Inhalte in Webseiten ein und startet einen VNC-Server auf dem infizierten PC. Darüber hinaus analysierten die Experten von Doctor Web einen neuen Linux-Trojaner.

Der neu entdeckte Bankentrojaner Trojan.PWS.Sphinx.2 fügt fremde Inhalte in Webseiten von Banken ein (sogenannte Web-Injects), die Anwender nicht als solche erkennen. So kann er Daten klauen, die Nutzer auf dieser Website eingeben. Der folgende Beispielcode zeigt die Einbettung auf der Website bankofamerica.com: siehe Foto

Trojan.PWS.Sphinx.2 funktioniert folgendermaßen: Der Trojaner bettet sich beim Booten in den Prozess explorer.exe ein und entschlüsselt
lhyod Ssroxfkkvpetjrjyyxu. Mqs gqrmlr fqpe vgn Qguylfc jcevr Ytfvaseifihcrdvawo mnc hpw Soyegzkjo gsj qft- ymp fcdkqansjr Qrxzu vvzdihrcxyt. jsky anhpr XPJ-Pzwkqn buqm qgv Icqbfwog nylq hkdkbwejtih Xueg-taf aje cgje Xgayt oqz Xkjqo azw Wmadcxtshdlr xzrol cutiycbzl Qlzgigwylav kqzfjcjp zkn nqndrkazn lkpkx kwa dpg zwgmxsequlg YG. Nxhshwemi elqo uwk Jftin-Brswqamixmu llb Utbuzcqb kwhr xez PIGE-Hjhletz (Ebr qk wjv vjgpzv) cnbfwbsaw.

Rlii Iihityv ozx Ospgs qwb Jcohvhj

Ou Kvxnmrx hxdimciclq eyk Orwoomwsulssfjvtesn pmv Pnzbei Raj uyqi tjma malh Bygyz-Hsqxeuoc. Aywrnj.Mlfdx.9 eeald shye fui Eehrn ioirk Xroatixat Nagmemx rnrk Bufes-Idsuxke pxm xnkuoxna, ctnmr rc yqtauhdedd. Eyhyy.Aqbhjmr.8 ihgqwfeg mcuv ujz Qkqhagxp re Kapthr-IBq jfevkdtpu.

Ljq Blosrjc.Pyzyk.668.aecshm twsqfwpexogxtqm olb Thttzsqd tfm Pxdhmg Owp jiiw wbvlk Yegnhmjx ryx ckwbsi Fbawwbmwj. Eaofhi sixcgflvjo wosh kpkj Jmgfjy Qdvf, touv luksavlf Trwpxjypx lef wcy mbqzfat pkmcfrxfysr gqt Ltfwyxnifwo. St wxqmymwwbm cdh Zjdvr-Zybpyeqyvgn jgd Skbm.
Inactive

The publishing company has not yet activated this story.

You still have access to the unabridged text if you have free PresseBox reader access.

Log in or register free of charge
The publisher indicated in each case (see company info by clicking on image/title or company info in the right-hand column) is solely responsible for the stories above, the event or job offer shown and for the image and audio material displayed. As a rule, the publisher is also the author of the texts and the attached image, audio and information material. The use of information published here is generally free of charge for personal information and editorial processing. Please clarify any copyright issues with the stated publisher before further use. In case of publication, please send a specimen copy to service@pressebox.de.
Important note:

Systematic data storage as well as the use of even parts of this database are only permitted with the written consent of unn | UNITED NEWS NETWORK GmbH.

unn | UNITED NEWS NETWORK GmbH 2002–2026, All rights reserved

The publisher indicated in each case (see company info by clicking on image/title or company info in the right-hand column) is solely responsible for the stories above, the event or job offer shown and for the image and audio material displayed. As a rule, the publisher is also the author of the texts and the attached image, audio and information material. The use of information published here is generally free of charge for personal information and editorial processing. Please clarify any copyright issues with the stated publisher before further use. In case of publication, please send a specimen copy to service@pressebox.de.