Aliases:  Cabanas, [Kaspersky] Virus.Win32.Cabanas.b, Win32.Cabanas.b [McAfee] W32/Cabanas [F-Prot] W32/Cabanas.3018.A [Panda] Cabanas [Computer Associates] Win32.Cabanas.D
Variants: Cabanas.B

Classification: Malware
Category: Computer Virus

Status: dormant
Spreading: moderate
Geographical info: Asia, North and South America, and some parts of Europe and Australia
Removal: hard
Platform: W32
Discovered: 18 Aug 1998
Damage: Low

Characteristics: The W32.Cabanas program is a virus that infects primarily files saved in Windows NT and Windows 9x systems.

More details about W32.Cabanas

Based on previously infected computer systems, this malware operates by attempting to intercept network traffic. This is possibly done by this security risk in order to steal vital information transmitted by the user. It may use the stolen data for a number of illegal activities that can range from implementing remote access attacks to financial fraud. The effectiveness of this malware depends on its capability to elude detection by active security applications and protection protocols. In order to accomplish this, the W32.Cabanas program makes use of its rootkit functionality to conceal itself.

As a dropper malware, this security threat is responsible for facilitating the entry of malicious codes into the system. Once successfully downloaded, it will proceed to execute the files in the background without the user’s consent. These downloaded components are normally used in its thievery of sensitive data. Many anti-virus developers believe that this security threat makes use of the TCP (Transmission Control Protocol) ports to communicate with external servers. Unlike most malware programs, this malware does not hard code its list of download host servers. It however attempts to connect to a website which stores the host database that point to the exact location of the Web servers where the additional malicious codes are stored.