Wirenet, as it’s being called by Dr. Web (the Russian security company that discovered the malware), is designed to steal passwords. The bug goes after passwords stored in popular Internet browsers and sends them to a server, encrypted with AES.
According to Dr. Web, the Trojan can pull passwords from stored password lists and also function as a keylogger. Targeted applications include Chrome, Chromium, Firefox, Opera, Pidgin, SeaMonkey, and Thunderbird. Dr. Web hasn’t yet determined how Wirenet spreads, but it says that the Trojan has been seen in the wild. It installs to the user’s home directory.
Image Credit: Dr. WebDr. Web says that Wirenet is the first virus to target both Mac and Linux. Although it’s disturbing to see virus writers attacking these operating systems, but we suspect it’s going to take many more headlines before Linux and Mac users begin to look for malware protection on a large scale. If you have Wirenet on your system (or want to protect against it), you can pick up Dr. Web or block access to the server at 18.104.22.168.