Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Demonize-T Trojan Steals Passwords, Keystrokes

Filtering firm MessageLabs said Monday that it has detected a new Trojan that's being aggressively spammed to end-users and may install a key logger and password sniffer to hijack confidential information, such as credit-card numbers and log-in passwords.

Dubbed Demonize-T, the Trojan begins with an e-mail message bearing a variety of subject headings, including, 'the email from 2 days is my replay [sic]" and "Hey whatsup remember me?" Once it infects a system, Demonize-T opens a backdoor and begins communicating with a malicious Web site.

Since late Sunday, U.K.-based MessageLabs has intercepted more than 4,000 copies of the Demonize-T, a much higher number than for the typical Trojan, which often tally as few as 20 copies. "The new attacks appear to be far more intense," said a MessageLabs spokesperson via e-mail.

The multistage Trojan downloads and executes a Visual Basic script from the Web site to compromise the machine and possibly load code onto the unsuspecting user's computer.

"Early indications suggest that this is similar to previous attacks, where Trojans have been used to install key loggers and password stealers," the MessageLabs spokesperson said.