PandaLabs has detected a new Trojan called Trj/Briz.A, whose main aim is to steal personal user data from affected computers. This code stands out because it specializes in stealing bank details and data from web forms and that its author customizes the code for hackers.
The code creation system gives hackers the option to generate a Trojan that cannot be detected by any antivirus protection, as the author checks it every day. In spite of this, TruPrevent(TM) Technologies incorporated in Panda Software’s solutions have detected this code without needing to be able to identify it first.
Apart from the code, cyber-crooks that buy this crimeware also get a complex system for controlling the status of the infection caused by the custom Trojan. This allows the client to get a list containing a large quantity of data about the infected computers: IP addresses, passwords and even the physical location of the computers. In this way, the cyber-crooks can always have their malicious activity under control.
PandaLabs is working, along with other companies to analyze and close all the sites related to this Trojan.
The file that causes the Trj/Briz.A infection is called “iexplore.exe” It uses this name to pass itself off as Internet Explorer. When it is run, it downloads different files and stops and deactivates Windows Security Center services and Shared Internet Access. It also collects information on programs like Outlook, Eudora and The Bat, which it sends to the attacker. More details about this Malware at Pandalabs..