14 DAY TRIAL // Panda Software has issued a new series of alerts about a new type of spyware threat dubbed Smitfraud. Having a high spreading rate, this spyware is already in the top 10 of malicious codes with the fastest infection times.
Still, Smitfraud has other unique characteristics: establishing behavior patterns and recording all the commands inputted through the keyboard.
Smitfraud infect certain files of the system and affects the stability of the system. In some cases, it even succeeds to convince the victim to pay a certain amount of money to automatically fix the problem.
Panda Software announces that this spyware element is loaded on the victim's system with the help of another spyware, CWS.YEXE, which is hidden within many underground Internet pages. Installing Smitfraud is the first stage of this dangerous code. The spyware will also install an antispyware application, called PSGuard, which creates several files. One of these files is renamed oleadm32.dll, but is actually a copy of wininet.dll. This file is then infected with W32/Smitfraud.A; after this stage is concluded, when your PC is restarted, it will attempt to overwrite the initial file.
Another file created by CWS.YEXE is wp.bmp, which looks like the "Windows blue screen of death", and the text says announces the user that the system has been infected with a spyware called Smitfraud.c. The program recommends using PSGuard to remove it, the only problem being that the application is not free.