New Spyware Designed for Data Theft
TSPY_BZUB.AE, a new form of spyware, runs on Microsoft Windows 98, ME, NT, 2000, XP, and Server 2003. This key logger arrives as a spam email attachment or in the form of a file downloaded unwittingly from dangerous Web sites.
Upon execution, this program copies itself into the Windows system folder using a random file name. It then creates a series of registry entries that make the host computer automatically run the program whenever at the computer starts.
The spyware also creates a file called INFO.TXT to store the following information stolen from the victim's computer:
- Internet Explorer form "autocomplete" data
- Computer ID
- Host name
- IP address and gateway address
- Operating system
- Web sites visited, user names, and passwords
Current Trend Micro customers using scan engine #7.500 have been protected since Official Pattern Release #3.679.00. For more information, check the Trend Micro Spyware/Grayware Database.
