TrendLabs Malware Blog
Glossary
TrendWatch
TrendLabs Twitter
TSPY_QQPASS
Also known as: HKTL_QQPASS.HU, TSPY_QQPASS.GEN, TSPY_QQPASS.OG, TSPY_QQROB.GV
Overview

QUICK LINKS  

Download the latest scan engine

TypeSpyware

Aliases: PWS-JB (McAfee), Trojan-PSW.Win32.QQShou.bn (Kaspersky), UPX, Trojan-PSW.Win32.QQShou.cy (Kaspersky), Trojan-PSW.Win32.QQShou.cz (Kaspersky), Trojan-PSW.Win32.QQShou.gg (Kaspersky), UPX, Trojan-PSW.Win32.QQShou.dc (Kaspersky), PWS-QQPass (McAfee)

In the wild: No

Reported detections:

 Low
 

Description:

QQPASS is an old but still-growing family of spyware, worms, backdoors, Trojans, and even scripts that steal Tencent QQ login information. QQPASS's motives are not as straightforward as that of other Trojan spywares', like TSPY_LINEAGE and TSPY_BANKER. Monetary reward, however, is the likely motive pushing this threat family to stay in the wild for so long and evolve with the changing threat landscape.

Read an article that documents QQPASS's behavior and describes how attackers can use stolen information, here: QQ Me... But TC :(.
This spyware runs every time the computer is turned on by modifying the Run key of the system registry.

It has the ability to retrieve and install additional adware or spyware on your computer.

For additional information about this threat, see:

Description created: Sep 25, 2006




Tell us how we did. Take our quick survey.