Home / malware Trojan-Spy:W32/Trojan-Spy
First posted on 04 November 2009.
Source: SecurityHomeAliases :
There are no other names known for Trojan-Spy:W32/Trojan-Spy.
Explanation :
This type of trojan secretly installs spy programs and/or keylogger programs.
Additional DetailsThis is the Trojan-Spy General Information page.
A Trojan-Spy has a wide range of capabilities, including performing keylogging, monitoring processes on the computer and stealing data from files saved on the machine.
To perform its keystroke monitoring routine, a Trojan-Spy will usually drop a keylogging component. Such components stays active in Windows memory and starts keylogging (recording keystrokes) when a user is asked to input a log-in and a password. Stolen log-ins and passwords can allow an attacker to read a user's e-mail on public and corporate mail servers, as well as giving access to more sensitive material, such as online banking accounts.
A Trojan-Spy may also perform more general monitoring: keeping the list of applications that a user ran, archiving URLs that a user opened and so on. In some cases, the Trojan-Spy's monitoring routine is restricted to a certain time window. For example, it may work only until a certain date and then uninstall themselves from a system.
A Trojan-Spy designed to steal data will searches for specific files or data on an infected computer, which can be forwarded to, or retrieved by, the attacker. The type of information sought varies: some trojans try to locate 'key' files that contain authentication information for certain programs or services; others steal the serial numbers of software installed on an infected system. A few e-mail worms steal random data files (Excel or Word files, images) and attach them to e-mails that they send from infected systems.Last update 04 November 2009
