Technorati
Digg
Delicious
Reddit
StumbleUpon
Facebook
Yahoo
Twitter
Faves
Newsvine
- Discovered:
- July 16, 2003
- Updated:
- February 13, 2007 12:03:55 PM
- Also Known As:
- Downloader-DI [McAfee], TrojanProxy.Win32.Webber.10 [K, Troj/Webber-A [Sophos], Trojan.Download.Berbew
- Type:
- Trojan Horse
- Systems Affected:
- Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP
Downloader.Berbew is a Trojan Horse that attempts to download Backdoor.Berbew from the Internet and execute it on the local system. This Trojan was spammed to a large number of individuals in an email message claiming to be from Citibank Accounting or E-Loan.com.
Downloader.Berbew typically arrives as an attachment with a .pif extension, such as:
- web.da.us.citi.heloc.pif
- wellsfargo.biz.jsessionid.pif
- www.citybankhomeloan.htm.pif
- E-Loan-Appraiser-Results.pif
- www.usbank.com.stats.personals.balance.pif.pif
- www.fdic.com.fraud.security.pif.zip (This is a password protected zip file.)
Note:
- Detections for this threat were updated on April 7, 2004 to account for the discovery of a minor variant.
- Virus definitions dated June 6, 2006 or earlier may detect this threat as Trojan.Download.Berbew.
Antivirus Protection Dates
- Initial Rapid Release version July 16, 2003
- Latest Rapid Release version September 28, 2010 revision 054
- Initial Daily Certified version July 16, 2003
- Latest Daily Certified version September 28, 2010 revision 036
- Initial Weekly Certified release date July 16, 2003
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Threat Assessment
Wild
- Wild Level: Low
- Number of Infections: 50 - 999
- Number of Sites: More than 10
- Geographical Distribution: Low
- Threat Containment: Easy
- Removal: Easy
Damage
- Damage Level: Low
Distribution
- Distribution Level: Low
Writeup By: Sergei Shevchenko
