Welcome to the Virus Encyclopedia of Panda Security.
|Alias:||PWS-Wincap trojan, Trojan.PSW.Capwin.b|
|Effects: ||It steals the passwords used to access certain websites and sends them via e-mail to a hacker.|
|Detection updated on:||Dec. 18, 2003|
Wincap.B is a password stealer type Trojan. It contains a list of Internet websites, belonging to on-line financial entities, among others. When the user accesses any of these websites, Wincap.B attempts to steal the passwords used.
Then, Wincap.B collects the stolen passwords in a file that is compressed and sent via e-mail to a hacker.
Wincap.B does not spread automatically using its own means. It needs the attacking user's intervention in order to reach the affected computer. The means of transmission used include, among others, floppy disks, CD-ROMs, e-mail messages with attached files, Internet downloads, FTP, IRC channels, peer-to-peer (P2P) file sharing networks, etc.
Wincap.B is easy to recognize, as it displays the following message on screen when it is run: