?Briz Trojan? Allows Attackers to Commit Online Fraud

PandaLabs, a company providing technological solutions for webmasters and network managers, has recently detected the appearance of the new Briz.R Trojan, a malicious code which allows an attacker to gain remote control of affected computers and redirect users to fake web sites designed to steal confidential data. A few months ago, PandaLabs dismantled the origin of this code, which was a scam to create and sell customized versions of Briz.

?There has been a marked increase in the number of malicious code like Briz.R, which are designed to go unnoticed by users and security companies alike, with the latter unable to generate vaccines as they are unaware of its existence. This problem needs to be resolved with technological solutions. Traditional anti-viruses are no longer sufficient, and must be complemented with proactive technologies, able to detect the presence of malware with no need for updates,? said Luis Corrons, director of PandaLabs. Briz.R can reach computers through web pages, downloads of suspicious programs and other facets of the Internet. However, the author has not distributed it widely to avoid detection by security companies, webmasters, or other Internet personnel.

This code allows the potential attacker to gain remote control of the affected computer by installing an application programmed in PHP called phpRemoteView. Briz.R also downloads a component called smss.exe, which alters the system host file. These alterations prevent access to a large number of web pages related to IT security. This is definitely a serious and dangerous problem for webmasters and other Internet clients as well.

                                 

Related News: