October 9th, 2009 by elizar
PWS-Gamania or PWS-Gamania.gen.a is a computer trojan discovered July 22, 2008. PWS-Gamania is a password stealing trojan which attempts to steal user information for certain online games.
The characteristics of this password stealer with regards to passwords stolen, sites accessed, files downloaded etc will differ, depending on the way in which the attacker had configured it. Hence, this is a general description.
PWS-Gamania is also knows as
- Trj/Lineage.BZE [Panda]
- Trojan.Win32.Vaklik.bkh [Kaspersky]
- Trojan:Win32/Meredrop [Microsoft]
- W32.Gammima.AG [Symantec]
- W32/Autorun-CL [Sophos]
My Dell D630 laptop is probably infected by this one. Good thing I am no gamer nor is there any important password this trojan can steal.
More information about PWS-Gamania can be found here: http://vil.nai.com/vil/content/v_147533.htm
April 26th, 2009 by elizar
Have you heard of the DNSChanger Trojan? Read a blog entry that it’s getting more common these days so I thought to put an entry here at sysadmindayph.. after all, it’s part of the day’s work.
What is a Trojan?
A Trojan is a program that enables an attacker to get nearly complete control over an infected PC. Frequently used tool by malicious hackers. When this program executes, the program performs a specific set of actions. This usually works toward the goal of allowing the trojan to survive on a system and open up a backdoor.
What is DNSChanger Trojan?
Trojan DNSChanger is name of group of trojans (zlob dns changer, Troj/Rustok-N, W32/Tidserv …) that hijacking your DNS settings and then redirecting you to malicious websites and stealing personal identities.
Read the rest of this entry »