Pinch Builder Trojan

Hi Melih,

Can Comodo stop that kind of malware?

Read the following article:

http://www.agnitum.com/news/securityinsight/issues/april2007

Best regards,

Richard
(R)

Can’t open the link…
Please repost…

thanks
Melih

Here’s an excerpt of the interview:

Q. Can you name any examples of such malware-generating tools?

A. Sure, although I don’t want to encourage people to go look for them. Most of them are in the public domain anyway.

Pinch Builder is a “popular” Assembler-based Trojan. Anyone can download the sample (about 20 Kb in size) and customize it to his/her own taste. The original binary purports to access an area known as Windows Protected Storage – the repository of “safe” user passwords – and extract the information. The outcome is straightforward – compromise of user data. It can even be extended to make it function as a keylogger or spam robot, or even act as host to additional malware. The original Pinch is designed to replicate while the computer initiates shutdown, bypassing security systems because they’re generally shut down by that point.

v3 will eat this for breakfast :)

Melih

Melih,

I like your reaction.

Waiting for release of V3!!! :THNK

Harry