TrojanSpy.Linux.Logftp
Description TrojanSpy.Linux.Logftp
This Trojan is a standard Berkley ftp client compiled on Mandrake Linux 9.1, with a twist: it logs all hosts, usernames and passwords used to connect to ftp sites to a file named /tmp/.tmp, in the following format:
Host: %ftp name%
Login: %login%
Pass: %password%
Different connection logins are appended to /tmp/.tmp, and the file /tmp/.tmp will contain all the ftp logins the hacked user makes.
The hacker may later harvest this data and gain access to all ftp servers/sites the infected client connected to.
Check other viruses! Be aware! Use Antiviral Software
BAT.Fret.1023
Description BAT.Fret.1023
This is a very dangerous virus. It creates the C:\_FTC.BAT file, writes its dropper to there, then searches for .BAT files in the current and parent directories, then forces the dropper to infect the files that were found. While infecting a file the virus writes itself to the end of the file, and writes the following command to the beginning of the file:
@if '%_Fret102%==' goto _Fret102
The virus deletes *.EXE files, displays the message:
FtC/Fret102 Coded By: The Exorcist[DC]
BAT.Gray.705
Description BAT.Gray.705
This is not a dangerous nonmemory resident BAT infector. It writes itself to the end of C:AUTOEXEC.BAT file only. While infecting the virus creates the C:ADINF-C.___ file and writes a copy of its code to there. If this file already exists, the virus displays the message and returns to DOS:
Gray Lord represent this new batch file virus!
|