The BankerFox banker Trojan, the Azero.B virus and the P2PShared.U worm

This week’s PandaLabs report looks at the BankerFox banker Trojan, the Azero.B virus and the P2PShared.U worm, distributed through a fake McDonald’s email message.

Banker.LAX is designed to steal bank details. To do this, it drops a library on targeted computers passing itself off as a legitimate Firefox plug-in. Then, if the user accesses the website of their bank, the malicious code will capture all the information entered. The malware creator will then use this information to empty the users’ accounts. This malware can steal passwords from more than one hundred banking institutions.

Azero.B is a virus designed to infect executable files by inserting malicious code at the beginning of their code. Also, it replaces the
computer wallpaper with an image with the following text: “Hello Administrator! If you have seen me you are same as a Fool guy”.

Also this week PandaLabs has discovered a fake email message that pretends to be a special Christmas promotion from McDonald’s but really is a bait to spread the P2PShared.U worm.

The message subject is “Mcdonalds wishes you Merry Christmas!” and the text body reads as follows:

“McDonald’s is proud to present our latest discount menu. Simply print the coupon from this Email and head to your local McDonald’s for FREE giveaways and AWESOME savings.”