Internet threat level: 1
Home→Descriptions→Trojan-Spy.DOS.Smitfraud.a
Trojan-Spy.DOS.Smitfraud.a
| Detected | Dec 19 2004 19:50 GMT |
| Released | Dec 19 2004 19:50 GMT |
| Published | Feb 11 2005 10:10 GMT |
Technical Details
This Trojan program utilizes spoofing technology. The Trojan is represented by a fake HTML page. It is used for stealing confidential information about clients of Smith Barney financial company (www.smithbarney.com).
It is sent by email as an important message from Smith Barney company with the following subject:
Smith Barney: Security Maintenance
This message contains an image with the hyperlink. The user can see the correct link, but when the user clicks on the link, a different page is loaded into the browser. It is possible by using 'image map' HTML-technology.
The loaded page is an exact copy of the financial company site. The user is prompted for his account information.
Once a user visits the fake site and enters account details or personal information, these details are sent to a malicious remote user, who will then have access to user's account.
Trojan-Spy programs are used to spy on a user’s actions (to track data entered by keyboard, make screen shots, retrieve a list of running applications, etc.) The harvested information is then transmitted to the malicious user controlling the Trojan. Email, FTP, the web (including data in a request) and other methods can be used to transmit the data.
Trojan-Spy.
- Trojan-Spy.
HTML. Smitfraud. a (Kaspersky Lab)
© 1997-2010 Kaspersky Lab ZAO. All Rights Reserved.
Industry-leading Antivirus Software.
Registered trademarks and service marks are the property of their respective owners.