It is designed to obtain confidential information, such as the information entered in the forms of the websites belonging to certain banking entities. It is being distributed in email messages that seem to be sent by several flying companies.

Windows 2003/XP/2000/NT/ME/98/95

Sinowal.VZR is a Trojan designed to steal information related to certain banking entities. In order to do so, it deletes the cookies and the browser history in order to make users type the web addresses they access and enter the passwords in the websites they visit.

Whenever the users visit a website of certain banking entities, the Trojan will be activated and will log the information entered in the forms of these websites.

Sinowal.VZR is being distributed in email messages which seem to be sent by several flying companies.

Sinowal.VZR is easy to recognize, as it is being distributed in email messages which seem to be sent by certain flying companies informing users that a certain sum of money has been charged to their account.

The following image belongs to an example of message in which this Trojan is being distributed: