Win32.Shiz

From Forensics Wiki
Jump to: navigation, search

Information icon.png

Please help to improve this article by expanding it.
Further information might be found on the discussion page.

Win32.Shiz (other name: Trojan.PWS.Ibank) is a malicious program designed for online banking fraud.

Current versions of this program support almost all online banking systems in Russian Federation (BS-Client, Sberbank, etc) as well as many online poker clients.

The program can be used to steal usernames and passwords used to access online banking system, cryptographic keys stored as files (e. g. on USB Flash drives or hard disk drives), URLs used to access online banking system and certificates stored in web-browsers. If online banking system uses access control lists based on IP addresses then Win32.Shiz can set up a SOCKS proxy-server on a compromised computer.

Links

In Russian

English