Encyclopedia

Sinowal.WHZ

 
Threat LevelLow threatDamageHighDistributionNot widespread
Common name:Sinowal.WHZ
Technical name:Trj/Sinowal.WHZ
Threat level:Medium
Type:Trojan
Effects:  

It is designed to steal user's confidential information, such as passwords related to different web services or banking entities. It reaches the computer attached to an email message that passes itself off as a notification sent by the UPS company.

Affected platforms:

Windows 2003/XP/2000/NT/ME/98/95

First detected on:June 3, 2009
Detection updated on:June 4, 2009
StatisticsNo
Yes, using TruPrevent Technologies

Brief Description 

    

Sinowal.WHZ is a Trojan designed to steal user's confidential information, such as passwords related to different web services or banking entities.

Sinowal.WHZ reaches the computer attached to an email message that passes itself off as a notification sent by the UPS company.

Visible Symptoms 

    

Sinowal.WHZ is easy to recognize, as it reaches the computer attached to an email message which seems to have been sent by the UPS company.

The message has the following characteristics:

  • Sender: United Parcel Service of America
  • Subject: Postal Tracking #%random characters%
  • Message:
    Hello!

    We were not able to deliver postal package you sent on the 14th of March in time
    because the recipients address is not correct.
    Please print out the invoice copy attached and collect the package at our office.

    Your United Parcel Service of America
  • Attachment: UPS_FAX_%random characters%.

Last updated:  04/06/2009 

Virus News

3/10/09.-More than 10 Million Worldwide Were Actively Exposed to Identity Theft in 2008

3/5/09.-Cyber-crooks manipulate Internet searches to sell fake antivirus products

3/2/09.-VideoPlay adware infections grew 400% in February through malicious use of Web 2.0 pages

[+ Noticias]