Nick VR4
07-05-2003, 02:34 PM
New Trojan about called
PWS-Yipper
Trojan Characteristics
This trojan searches for system passwords and email addresses on the local machine. Once this data is found it sends it to either of the following email addresses:
yitai342@012.net.il
yipai342@netvison.net.il
The subject of the message it sends out may be either 'NewWorld' or 'Hi'
The message body contains encrypted data which seems to be email addresses stolen by the trojan from the Outlook address book as well as system passwords.
This trojan does not copy itself to the local system and no registry entries were created/modified during our tests.
The following filenames may be used by this trojan:
yitai.exe
FindMyMatch.exe
NikeStock.exe
TeenViewer.exe
Symptoms
The 'Sent' folder containing an email sent to either 'yitai342@012.net.il' or 'yipai342@netvison.net.il'.
Method Of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial. Distribution channels include IRC, peer-to-peer networks, newsgroup postings, etc.
For more info on newly didcovered THREATS go to
http://vil.nai.com/VIL/newly-discovered-viruses.asp
PWS-Yipper
Trojan Characteristics
This trojan searches for system passwords and email addresses on the local machine. Once this data is found it sends it to either of the following email addresses:
yitai342@012.net.il
yipai342@netvison.net.il
The subject of the message it sends out may be either 'NewWorld' or 'Hi'
The message body contains encrypted data which seems to be email addresses stolen by the trojan from the Outlook address book as well as system passwords.
This trojan does not copy itself to the local system and no registry entries were created/modified during our tests.
The following filenames may be used by this trojan:
yitai.exe
FindMyMatch.exe
NikeStock.exe
TeenViewer.exe
Symptoms
The 'Sent' folder containing an email sent to either 'yitai342@012.net.il' or 'yipai342@netvison.net.il'.
Method Of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial. Distribution channels include IRC, peer-to-peer networks, newsgroup postings, etc.
For more info on newly didcovered THREATS go to
http://vil.nai.com/VIL/newly-discovered-viruses.asp