TrendLabs Malware Blog
Glossary
TrendWatch
TrendLabs Twitter
TSPY_EBOD.A
Overview
Solution
Technical Details

QUICK LINKS  

Download the latest scan engine

TypeSpyware

In the wild: No

Destructive: No

Language: English

Systems affected: Windows 98, ME, NT, 2000, XP, Server 2003

Encrypted: No

Overall risk rating:

 Low

Reported detections:

 Low

System  impact:

 High

Information exposure:

 High
 

Description:

This spyware uses social engineering methods to lure users into performing certain actions that may, directly or indirectly, cause malicious routines to be performed. Specifically, it monitors browsing activities, particularly Google searches, and sends the information to a predefined website.

To get a one-glance comprehensive view of the behavior of this spyware, refer to the Threat Diagram shown below.

TSPY_EBOD.A Behavior Diagram

Spyware Overview

This spyware may be downloaded from remote sites by other malware. It may be downloaded unknowingly by a user when visiting malicious Web sites.

Upon execution, it creates a Firefox Plugin named Adobe Flash Player 0.2. It monitors browsing activities, particularly Google searches, and sends the information. This plugin may also inject advertisements into the Google search result pages.

This spyware creates a folder and drops component files, some of which are detected as JS_EBOD.A.

For additional information about this threat, see:
Solution
Technical Details

Description created: Aug 28, 2009




Tell us how we did. Take our quick survey.