SpreadBanker.A is programmed to steal passwords entered in several online banks. Similarly, it can steal the login details for a range of games including Age Of Mythology, GTA, Unreal Tournament, WarCraft or Final Fantasy.
It also makes modifications to the Windows registry and creates copies of itself in several folders belonging to P2P file-sharing applications. These copies have enticing names such as "sexogratis" or "crackwindowsvista" to attract users of these networks and spread.
The worm also modifies the hosts file to block access to several Web pages related with security products.
"Malware is becoming increasingly sophisticated. In this case it combines the propagation features of worms with the ability of Trojans to steal passwords. This way, cyber-crooks hope to squeeze the maximum profit out of each infection," explains Luis Corrons, technical director of PandaLabs.