|
LionDumper Password Hijacker Information
| Name: |
LionDumper |
| Category: |
Password Hijacker |
| Advice: |
Remove |
| Risk: |
High Risk
High risk threats typically are remotely exploitable vulnerabilities, which can lead to system compromise. Successful exploitation does not normally require any interaction. May open up communication ports, use polymorphic tactics, stealth installations, and/or anti-spy counter measures. May use a security flaw in the operating system to gain access to your computer. |
| Description:
|
LionDumper is a Trojan horse that tries to steal passwords. It adds a new user, who has administrator rights, to the system.
The Trojan comes disguised as a Windows NT/2000 password dumper utility. The Trojan functions only if the user who executed it has administrator rights. It tries to add a new user with the name ISUR_IWAM, add it to Local Administrators group, and set a default password for it.
|
| Signatures:
|
process: cmd.exe: MD5 Hash: 5f6cfbc43e28b0571e4.. |
| Type: |
Password Hijacker - A Trojan software is any software on a user's computer that the user is not aware or intentionally installed. Most Trojan software is designed to perform some sort of actions that could jeopardize the user's security or privacy. |
Top Password Hijacker Visited Pages:
Hotmail Hacker X-Edition - 977 visits
MSN Hotmail Password Stealer - Alias: PWS-Kcom.gen, Trojan.PSW.Akcom.g - 863 visits
Y! Jacked v1.3 - 570 visits
Magic PS Yahoo! Messenger - Alias: Trojan.PSW.Sagic, Trojan.PSW.Sagic.11 - 543 visits
Fake login Yahoo - 327 visits
Passware Kit - 288 visits
Cache Password - 196 visits
Ace Password Sniffer 1.1 - 80 visits
PassView - 79 visits
Matiteman Mail Pass Stealer - Alias: Trojan.PSW.Mtmpas.b - 76 visits
Random Password Hijacker Pages:
Y! Jacked v1.3
Internet Explorer Password v1.1
FakeFTP
Trojan-PSW.Win32.Antigen.a
Coced - Alias: PWS-Coced, PWS.gen
antexp
PassView
pcLog - Alias: Trojan.Spy.PcLog.510
HPTeam mail
Messenger Key
|
