TSPY_PASSTEAL.A
Posted: November 9, 2012
| Threat Level: | 8/10 |
|---|---|
| Infected PCs: | 24 |
| First Seen: | November 9, 2012 |
| OS(es) Affected: | Windows |
TSPY_PASSTEAL.A is a spyware program that, like most such PC threats, is used to steal passwords and account-related personal information. Although it cannot record typing in general (keylogging), it includes functions that let it steal text information stored by your web browser. Left unchecked, a TSPY_PASSTEAL.A attack can result in compromised bank accounts, social networking accounts, e-mail accounts and other security violations that can imperil you, your PC and your finances. Detecting and deleting TSPY_PASSTEAL.A with good anti-malware software should be considered a top priority on any PC potentially attacked by it, particularly for users of Mozilla Firefox.
How TSPY_PASSTEAL.A Gets Grabby with What Goes Through Your Browser
TSPY_PASSTEAL.A isn't designed to steal general information through screen captures or keylogger attacks. Instead, it uses browser-specific functions to steal confidential data. Using a password-extracting application that's included as one of its components, TSPY_PASSTEAL.A grabs all login credentials that are stored in your browser (even those that are protected by security features like SSL). Afterward, it writes this stolen information to a text file that it then uploads to a remote server.
SpywareRemove.com malware researchers have found that current versions of TSPY_PASSTEAL.A use a password utility that's specific to the Firefox browser, although other utilities may be used in future variants. Certain types of non-browser programs may also be vulnerable to TSPY_PASSTEAL.A's attacks, as noted in this list of potential victims:
- Download managers such as JDownloader.
- Gaming platforms like Origin and Steam.
- Social networking sites (Facebook, Twitter, Tumblr, etc.).
- Prominent website company accounts like Yahoo, Microsoft and Google.
- Websites that engage in financial transactions such as eBay, PayPal and bank sites.
Accounts compromised by TSPY_PASSTEAL.A may be used to commit crimes such as transferring money to criminals, distributing other malicious software, sending spam or violating TOS agreements. Any private information that's acquired by TSPY_PASSTEAL.A (such as passwords) should be changed immediately so that future attacks can be avoided.
Making Sure that TSPY_PASSTEAL.A Doesn't Succeed at Highway Robbery
TSPY_PASSTEAL.A doesn't show symptoms of its attacks and may not be detectable without suitable anti-malware programs. SpywareRemove.com malware researchers have also noted, alarmingly, that although TSPY_PASSTEAL.A is new to the malware scene, it has already been found to infect hundreds of PCs. Appropriate web-browsing security measures should be taken to protect your computer from possible infection routes for TSPY_PASSTEAL.A such as Blacole exploits.
TSPY_PASSTEAL.A may be identified by aliases that include Trojan.Win32.Pakes and W32/Dapato.BNYX!tr. Currently, TSPY_PASSTEAL.A is compatible only with Windows OSes, although SpywareRemove.com malware experts have found that it is compatible with many versions of that OS (Windows XP, Windows 7, Windows Vista, etc.).
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:

| File name | File type | Mime Type | Group |
|---|---|---|---|
| %User Temp%\cvtres.exe | Executable File | unknown/exe | Malware file |
| %User Temp%\[RANDOM CHARACTERS].exe | Executable File | unknown/exe | Malware file |
| %User Profile%\Application Data\[COMPUTER NAME].txt | | unknown/txt | Malware file |
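The two fixed-name files listed above can be swept for across every user profile on a suspect machine. The following is an added example, not code from SpywareRemove.com or SpyHunter. It assumes default profile layouts (`Local Settings\Temp` and `Application Data` on Windows XP, `AppData\Local\Temp` and `AppData\Roaming` on Vista/7), and the function name is hypothetical.

```python
import os
from pathlib import Path

# Where the page's placeholders resolve inside one profile (assumption:
# default Windows layouts; redirected profiles need their own paths).
TEMP_DIRS = ("Local Settings/Temp",      # %User Temp% on Windows XP
             "AppData/Local/Temp")       # %User Temp% on Vista / 7
APPDATA_DIRS = ("Application Data",      # Windows XP
                "AppData/Roaming")       # Vista / 7


def _names(directory):
    """Map lower-cased file name -> Path (Windows names ignore case)."""
    try:
        return {p.name.lower(): p for p in directory.iterdir() if p.is_file()}
    except OSError:  # directory missing, or a junction that denies listing
        return {}


def find_passteal_artifacts(users_root, computer_name):
    """Return (indicator, path) pairs found under every profile directory.

    The [RANDOM CHARACTERS].exe entry has no fixed name and is not matched.
    A hit is a lead for triage: check the file's hash and signature.
    """
    hits = []
    dump_name = f"{computer_name}.txt".lower() if computer_name else None
    for profile in sorted(Path(users_root).iterdir()):
        if not profile.is_dir():
            continue
        for rel in TEMP_DIRS:
            files = _names(profile / rel)
            if "cvtres.exe" in files:
                hits.append(("cvtres.exe in user temp", files["cvtres.exe"]))
        for rel in APPDATA_DIRS:
            files = _names(profile / rel)
            if dump_name and dump_name in files:
                hits.append(("[COMPUTER NAME].txt in Application Data",
                             files[dump_name]))
    return hits


if __name__ == "__main__":
    # Live use: the profiles root is the parent of the current user's profile.
    root = Path(os.environ.get("USERPROFILE", str(Path.home()))).parent
    host = os.environ.get("COMPUTERNAME", "")
    for indicator, path in find_passteal_artifacts(root, host):
        print(f"{indicator}: {path}")
```

Run it with rights to read other users' profiles; without them, those profiles are silently skipped.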