Ldpinch.ZO trojan designed to steal confidential data
PandaLabs has reported the appearance of LdPinch.ZO, a new, dangerous Trojan aimed at stealing users’ confidential data. This malicious code reaches systems attached to emails or hidden in Internet downloads. When run, it opens the Windows Explorer displaying pictures with sexual content. These pictures aim to distract the target user’s attention while the Trojan is dropping a file onto the system. This file is designed to steal passwords, login details, telephone numbers for dial-up connections, etc.
LdPinch.ZO gathers this information from browsers, (FireFox, Mozilla, Internet Explorer,-¦), FTP clients ( CuteFTP, SmartFTP, -¦), instant messaging programs and others. The Trojan sends all this information to its creator via email, who can then use it for fraudulent purposes: theft of banking data, confidential information, etc.
LdPinch.ZO opens a port through which an attacker can access a command interpreter and use it to run commands on the compromised computer and control it remotely. If the firewall warns the user that there is a suspect Internet connection, Ldpinch.ZO can simulate clicking OK to continue accessing the Web and stealing information.