Welcome to the Virus Encyclopedia of Panda Security.
It logs the keystrokes typed by the user and harvests passwords from the affected computer. It monitors if the user accesses websites belonging to ebay, e-gold and paypal, in order to obtain confidential information.
|First detected on:||Oct. 10, 2006|
|Detection updated on:||Oct. 10, 2006|
|Yes, using TruPrevent Technologies
Haxdoor.NJ is a backdoor that obtains different types of passwords from the affected computer:
- the login account passwords.
- passwords from email clients such as Outlook and The Bat.
- confidential information related to ebay, e-gold and paypal.
Then, it sends the data it has gathered to its author. In order to do so, it uses a rootkit detected as Rootkit/Haxdoor.NJ.
Haxdoor.NJ does not spread automatically using its own means. It needs an attacking user's intervention in order to reach the affected computer. The means of transmission used include, among others, floppy disks, CD-ROMs, email messages with attached files, Internet downloads, FTP, IRC channels, peer-to-peer (P2P) file sharing networks, etc.
Haxdoor.NJ is difficult to recognize, as it does not display any messages or warnings that indicate it has reached the computer.