It uses the Windows vulnerability MS10-046 (CVE-2010-2568), which affects shortcuts, in order to install itself in the computer. It downloads malicious files to the computer, among them, a rootkit, designed to hide files, and a keylogger, designed to log the keystrokes. It reaches the computer in a shortcut that point to the download of the file which starts the infection.

Windows 2003/XP/2000/NT/ME/98/95

ChymineLNK.A is a Trojan with rootkit features which uses the Windows vulnerability MS10-046 (CVE-2010-2568) in order to be installed in the computer. It is a vulnerability that affects shortcuts and which allows remote code execution.

Due to its rootkit functionalities, it hides itself in the computer, making its detection more difficult.

Additionally, it is programmed to install a keylogger, designed to log the keystrokes typed by the user. This way, it could obtain confidential information nabout users, like passwords.

ChymineLNK.A reaches the computer in a shortcut that points to the download of the file that starts the infection.

Note: Microsoft has already published the patch that solves this vulnerability. If you have a Windows 2008/7/Vista/2003/XP computer, click here to access the web page for downloading the patch.

ChymineLNK.A is difficult to recognize, as it does not display any messages or warnings that indicate it has reached the computer.