- disables several security software products
- prevents access to kernel driver's memory (harder to detect)
- takes screen shots
- spies on browser events
- exports passwords (protected storage and over 11 popular apps)
- steals web cookies & certificates
- sniffs FTP and POP3 passwords
- collects a massive amount of system information
- provides a backdoor command shell on infected machines
- downloads additional malware per C&C [Command & Control] instruction
- tries to clean the system of over 20 other malware families

The Washington Post article reports that Tigger seems to "target mainly customers or employees of stock and options trading firms," specifically: E-Trade, ING Direct ShareBuilder, Vanguard, Options XPress, TD Ameritrade and Scottrade.

Src: Why I Enjoyed Tigger/Syzor | MNIN Security Blog
Src2: The Tigger Trojan: Icky, Sticky Stuff