Briz.S is a password stealer type Trojan that consists of several components that are downloaded from the Internet. Such components carry out the following actions:
- Obtain information from the computer, such as IP address, name, geographic area, etc.
- Prevent users and installed programs from accessing certain websites, which belong to several antivirus companies.
- Capture the data entered in websites containing forms accessed through Internet Explorer. This way, it obtains passwords for email accounts, banking entities and other online services.
- Use the affected computer as a gateway, in order to connect to third-parties' Telnet, SMTP, FTP and HTTP services anonimously.
- Execute commands and download files from the hard disk of the affected computer.
Briz.S does not spread automatically using its own means. It needs an attacking user's intervention in order to reach the affected computer. The means of transmission used include, among others, floppy disks, CD-ROMs, email messages with attached files, Internet downloads, FTP, IRC channels, peer-to-peer (P2P) file sharing networks, etc.