Split from this thread.
How have you been, BoaterDave?
Today I discovered that the AOL installation CD's I used back in 2008/9 are (supposedly) infected with the Ramnit Trojan.
Details here:-
https://cdn2.hubspot.net/hubfs/507516/Archive/PDF/Ramnit_CaseStudy-1.pdf
Ramnit is a fully-featured cybercrime tool, a modular malware with rootkit capabilities, Antivirus bypass,
Web injects and C2 encrypted communications. Ramnit is able to:
Monitor the victim’s web browsing and detect when they visit online banking sites.
Manipulate the bank’s website in such a way that it appears legitimate.
Steal session cookies from web browsers to impersonate the victim's authentication to secure sites.
Scan the computer’s hard drive and steals files, based on keywords (such as passwords).
Gain remote access to the compromised computers.
Gather login credentials for a large number of FTP clients.
Ramnit is believed to spread malware via trustworthy links sent through phishing emails or social
networking sites, and mainly target people running Windows operating systems in order to steal money from
victims bank accounts. Moreover, public FTP servers have also been found distributing the malware.
Once installed, the infected computer comes under the control of the botnet operators. The module
inadvertently downloads a virus onto the victim’s computer which could be used by operators to access
personal or banking information, steal passwords and disable anti-virus protection.
=
It has been suggested to me in a Usenet post that the findings may be a 'false positive'.
How best may I check further?
--
D.
