Panda Software's weekly report on viruses and intruders will focus on the backdoor Trojans Hupigon.BS and Fuetel.T, and the hacking tools KGBSpy, Cmdow.A and Processor.
Hupigon.BS is a backdoor Trojan designed to receive remote commands. The actions this malicious code can carry out on affected computers include intercepting keystrokes, as well as stealing, downloading and running files. What's more, it can capture screenshots or check the processes that are running. To do this, it injects its own dynamic link library (DLL). Another backdoor Trojan, Fuetel.T, is closely related to Hupigon.BS, as it installs this malicious code on the system.
Like other malicious code of this kind, neither Hupigon.BS nor Fuetel.T can spread by its own means; both need to be manually distributed by a malicious user. The means of distribution vary and include floppy disks, CD-ROMs, email messages with attachments, Internet downloads, files transferred via FTP, IRC channels, P2P file sharing networks, etc.
KGBSpy is a hacking tool. These programs, which are legitimate tools and useful when used correctly, can be used by hackers for malicious purposes. KGBSpy logs the keystrokes entered by the user and filters them so that only the characters typed are logged. One of the main dangers of this malicious code is that it can be run in stealth mode, so the user will not know that it is installed. KGBSpy can automatically send out the information it collects via email or FTP.
The second hacking tool in today's report is Cmdow.A, a command-line utility that does not need to be installed on the computer to carry out its actions. Cmdow.A affects the windows that are opened on the system so that it can move them, change their size or rename them, for example. Even though Cmdow.A is not dangerous in itself, it can be used to prevent the user from noticing the windows that are opened by the programs being run or installed.
Finally, Processor is another command-line application that can be executed locally or remotely. It is programmed to collect information about the processes running on the affected computer and can end them, close them or even open them again later on.
To prevent this malware or any other malicious code from affecting your computer, Panda Software recommends keeping antivirus software up-to-date. Panda Software clients can already access the updates to detect and disinfect this malicious code.
Since 1990, PandaLabs' mission has been to analyze new threats as soon as possible to ensure that our clients are safe. Several teams, each specialized in a specific type of malware (viruses, worms, Trojans, spyware, phishing, spam, etc.), work 24x7 to offer global coverage. To do this they are supported by TruPrevent Technologies, a truly global early warning system made up of strategically distributed sensors that neutralize new threats and send them to PandaLabs for in-depth analysis. According to AV-Test.org, PandaLabs is the fastest in the industry to offer complete updates (more information at www.pandasoftware.com/pandalabs.asp).