Haxdoor Rootkit is being used for Pharming
Friday, February 24th, 2006F-Secure have reported in their blog today that a rootkit called Haxdoor is being used to retrieve users bank details, passwords, pin codes, etc. It hooks HTTP functionality, redirects traffic, steals private information, and transmits the stolen data to a web-server controlled by the attacker.
The Haxdoor rootkit can grab the information before it is encrypted and sent to the Bank’s website and the computer user is none the wiser of the actions of the rootkit. Haxdoor then sends the information to the attacker.
Keep Safe
regards
Steo
www.antirootkit.com
rootkit