Trojan rootkits spread on web to steal data

Several variants of the Haxdoor family of Trojans are being spread on the internet to try and steal users’ data.

These Trojans use rootkit functions to try and steal confidential user details in order to commit online fraud and identity theft.

A rootkit infection is hidden deep inside a user’s operating system, making it hard to detect without specialist security software.

The new variants of Haxdoor have been detected by internet security software firm Panda Software.

All the new variants detected are designed to steal passwords for popular internet services, such as eBay, ICQ, PayPal or Web Money, and for a variety of e-mail clients, including Outlook Express.

A malicious attacker could use these details to carry out online fraud and identity theft.

These Trojans also make the necessary modifications so that any firewall installed on the infected computer authorises their malicious processes. By doing this, they ensure that there are no obstacles to prevent them from sending out the stolen data.

Luis Corrons, director of PandaLabs, said, “The authors of these malicious codes are mass-mailing the Trojans as attachments to spam messages. It is recommendable to delete any suspicious or unwanted e-mail messages.”