<<<
Monday, August 14, 2006
>>>
 
Rakningen.exe going around Posted by Mikko @ 19:30 GMT

There's been a spam run of a new backdoor application that we now detect as Trojan-Spy.Win32.BZub.bs.

This was spammed in Swedish e-mail messages with an attachment called Räkningen.exe or Rakningen.exe - which means "Bill" in most Nordic languages.

rakningen.exe

The actual trojan is very similar to the ones we've seen before targeting German speaking users (with "Rechnung.exe"). When run, the trojan drops a file named ipv6mons.dll which monitors user activities.






<<< Intel Wi-Fi - Drivers Only
|
Root Kit video available on googleidol.com >>>