BitDefender announced the release of a free removal tool for malware that steals FTP and e-banking passwords.
Backdoor.Lavandos.A steals personal data from accounts on the infected computer after placing a file named 'setupapi.dll' in the installation root folders of Mozilla Firefox, Opera and Internet Explorer. This lets it manipulate browser functions in order to import certificates or to have a self-signed certificate accepted as trusted.
Catalin Cosoi, head of the BitDefender online threats lab, said: “What is particularly interesting about this e-threat is the fact that its driver component will not remain written on the disk longer than necessary. Instead it will be stored in the Windows Registry immediately after completing its task, ensuring it keeps a low profile.”
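A defender's check for the file placement described above, as an added example that is not part of the original article or of BitDefender's removal tool: it looks for a file named setupapi.dll sitting directly in a browser installation root, where the genuine Windows library (which lives in the system directory) is not expected. The install paths are assumed defaults and the function names are hypothetical.

```python
import hashlib
import os

# Assumed default install roots; adjust for the hosts being checked.
DEFAULT_BROWSER_ROOTS = (
    r"C:\Program Files\Mozilla Firefox",
    r"C:\Program Files (x86)\Mozilla Firefox",
    r"C:\Program Files\Opera",
    r"C:\Program Files (x86)\Opera",
    r"C:\Program Files\Internet Explorer",
    r"C:\Program Files (x86)\Internet Explorer",
)
TARGET_NAME = "setupapi.dll"  # file name given in the article


def sha256_of(path, chunk=65536):
    """Hash the file in chunks so large files are not loaded into memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for block in iter(lambda: handle.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()


def find_planted_setupapi(browser_roots=DEFAULT_BROWSER_ROOTS):
    """Return one finding per setupapi.dll found directly in a browser root."""
    findings = []
    for root in browser_roots:
        try:
            entries = os.listdir(root)
        except OSError:
            continue  # browser not installed, or folder unreadable
        for entry in entries:
            full = os.path.join(root, entry)
            # Compare case-insensitively, as Windows file names are.
            if entry.lower() == TARGET_NAME and os.path.isfile(full):
                findings.append({
                    "path": full,
                    "size": os.path.getsize(full),
                    "sha256": sha256_of(full),
                })
    return findings


if __name__ == "__main__":
    for hit in find_planted_setupapi():
        print("{path}  size={size}  sha256={sha256}".format(**hit))
```

Any hit is worth triage: record the path and hash before removal so the sample can be compared against vendor detections.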