September 9th, 2003, 12:55 PM
Password-pocketing Trojan in the wild
Eyeveg-A is a network worm with a Trojan component and an eye for your cached passwords.
The new virus is already in the wild, according to antivirus experts Sophos. It attempts to gather any cached passwords and other system information and send them off to a remote location.
It first copies itself as Explore.exe in the startup folder across shared drives on the local network. When run it then copies itself into the System folder and makes a Registry edit to ensure it is run each time the system is started.
View: Troj/Eyeveg-A virus analysis (from sophos)
Source: PC Pro