Welcome to the Virus Encyclopedia of Panda Security.
It obtains confidential data from the affected computer, prevents users from accesing websites belonging to certain antivirus companies, and uses the computer as a gateway in order to connect to third-parties' services over the Internet.
|First detected on:||March 19, 2006|
|Detection updated on:||June 11, 2007|
|Yes, using TruPrevent Technologies
Briz.C is a password stealer type Trojan that consists of several components that are consecutively downloaded from the Internet. Such components carry out the following actions:
- Stop and disable the services Windows Security Center and Internet Connection Sharing (Windows XP firewall).
- Obtain information from the computer, such as IP address, name, geographic area, etc.
- Prevent users and installed programs from accessing certain websites, which belong to several antivirus companies.
- Capture the data entered in websites containing forms accessed through Internet Explorer. This way, it obtains passwords for email accounts, banking entities and other online services.
- Harvest paswords and other data stored in Protected Storage, as well as the email clients Outlook, Eudora and The Bat.
- Use the affected computer as a gateway, in order to connect to third-parties' Telnet, SMTP, FTP and HTTP services anonimously.
- Execute commands and download files from the hard disk of the affected computer.
Briz.C does not spread automatically using its own means. It needs an attacking user's intervention in order to reach the affected computer.
Briz.C is difficult to recognize, as it does not display any messages or warnings that indicate it has reached the computer.