1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Trojan Barok Infostealing Activity

Trojan Barok Infostealing Activity

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects Barok's information stealing activity.

Additional Information

System is infected with Barok Trojan.

This Trojan horse gathers information, such as user name, IP address, and passwords, and attempts to send the information to the creator of the virus.

Spyware:
Programs that have the ability to scan systems or monitor activity, and relay information to other computers or locations in cyberspace. Among the information that may be actively or passively gathered and disseminated by spyware are passwords, log-in details, account numbers, personal information, individual files, or other personal documents. Spyware may also gather and distribute information related to the user's computer, applications running on the computer, Internet browser usage, or other computing habits.

Spyware frequently attempts to remain unnoticed, either by actively hiding or by simply not making its presence on a system known to the user. Spyware can be downloaded from Web sites (typically in shareware or freeware), email messages, and instant messengers. Additionally, a user may unknowingly receive and/or trigger spyware by accepting an End User License Agreement from a software program linked to the spyware, or from visiting a Web site that downloads the spyware with or without an End User License Agreement.

Adware:
Programs that facilitate delivery of advertising content to the user through their own window, or by utilizing another program's interface. In some cases, these programs may gather information from the user's computer, including information related to Internet browser usage or other computing habits, and relay this information back to a remote computer or other location in cyberspace.

Adware can be downloaded from Web sites (typically in shareware or freeware), email messages, and instant messengers. Additionally, a user may unknowingly receive and/or trigger adware by accepting an End User License Agreement from a software program linked to the adware, or from visiting a Web site that downloads the adware with or without an End User License Agreement.

Affected

  • Windows

Response

For instructions on how to remove this installation from your network, reference Symantec Security Response. See the reference link below.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube