JS_SPACESTALK.A
Malware type: JavaScriptAliases: No Alias Found
In the wild: Yes
Destructive: No
Language: English
Platform: Windows 98, ME, NT, 2000, XP, Server 2003, Mac OS X
Encrypted: No
Overall risk rating: Low
Reported infections: Low
Damage potential: High
Distribution potential: Low
Size of malware: 5,609 Bytes
Initial samples received on: Mar 16, 2007
Related to: TROJ_DLOADER.JHV
Payload 1: Steals information
Details:
This malicious JavaScript may be dropped by another malware. It may also be downloaded from the Internet, particularly by the malware TROJ_DLOADER.JHV.
It is used to steal information, such as login credentials, used in MySpace accounts. MySpace (www.myspace.com) is a popular social networking Web site that hosts profiles of users from all around the world.
This JavaScript uploads the stolen information to the URL http://BLOCKED}ofileawareness.com/logs4/connect.php. As a result, remote users may view and use the uploaded information for malicious purposes.
It runs on Mac OS X, Windows 98, ME, NT, 2000, XP, and Server 2003.
Analysis By: Carlo Panganiban
Labels: Anti-Virus, http, Microsoft, Trojan
<< Home