Free Removal Tool For Backdoor.Lavandos.A – Malware That Steals FTP and eBanking Passwords

Written By Sam on 13 January 2011

Backdoor.Lavandos.A is an extremely ingenious keylogger designed to steal FTP and e-banking passwords while keeping the lowest profile. It is primarily targeted at the e-banking system used especially by Russian and Ukrainian institutions. Lavandos does not stop at snatching e-banking passwords; it also looks for and grabs all private data from the accounts the operator of the infected computer may use.

Backdoor.Lavandos.A injects three DLL files and a driver. What is interesting about this e-threat is that its driver component does not remain written on the disk longer than necessary. Instead, it is stored in the Windows Registry immediately after completing its task. Keeping a low profile is the name of the game Lavandos is playing. Shortly after infection, Backdoor.Lavandos.A generates a “setupapi.dll” for each browser found on the “hijacked” PC, placing it in the installation root folder of Mozilla Firefox, Opera and Internet Explorer. This file makes it easy to manipulate browser functions in order to import certificates or to accept a self-signed certificate as trusted.
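A check a responder could run for the “setupapi.dll” artifact described above, written as an added example that is not part of the original post or of BitDefender's removal tool. The browser installation folders are supplied by the caller, and the sample tree and the optional comparison against the operating system's own copy are constructed assumptions.

```python
import hashlib
import tempfile
from pathlib import Path

TARGET = "setupapi.dll"  # file name taken from the write-up above


def sha256_of(path):
    # Hash in chunks so a large DLL is never read into memory at once.
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def find_planted_dlls(browser_roots, reference_copy=None):
    # reference_copy (assumption): path to the OS's own copy, used only for comparison.
    ref_hash = sha256_of(reference_copy) if reference_copy else None
    findings = []
    for root in map(Path, browser_roots):
        if not root.is_dir():
            continue  # this browser is not installed here
        for entry in sorted(root.iterdir()):
            # Windows file names are case-insensitive, so match on lowercase.
            if entry.is_file() and entry.name.lower() == TARGET:
                digest = sha256_of(entry)
                findings.append({
                    "path": str(entry),
                    "sha256": digest,
                    "same_as_reference": digest == ref_hash,
                })
    return findings


def build_constructed_sample(base):
    # Constructed tree: three fake browser roots, one holding a planted file.
    base = Path(base)
    for name in ("Firefox", "Opera", "IE"):
        (base / name).mkdir()
    (base / "Firefox" / "firefox.exe").write_bytes(b"constructed")
    (base / "Opera" / "SetupAPI.dll").write_bytes(b"constructed planted file")
    return [base / n for n in ("Firefox", "Opera", "IE", "NotInstalled")]


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for hit in find_planted_dlls(build_constructed_sample(tmp)):
            print(hit["path"], hit["sha256"])
```

A hit is an indicator to investigate, not proof of infection; the hash lets the file be checked against the system copy or submitted for scanning.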

Users infected with the Lavandos backdoor risk disclosing sensitive information related to e-banking, as well as having their FTP accounts stolen by cyber-criminals involved in malware distribution schemes. BitDefender customers have been protected since day zero, and those not protected by a BitDefender product can download a free removal tool from the link below.

Remove Backdoor.Lavandos.A
