Aliases: W32.Bomb
Variants: W32.VBWORM

Classification: Malware
Category: Trojan Horse

Status: active & spreading
Spreading: slow
Geographical info: Asia, North and South America, and some parts of Europe and Australia
Removal: easy
Platform: W32
Discovered: 29 Jul 2002
Damage: Low

Characteristics: The W32.Cbomb program infects computers by the name Bloodhound.W32.VBWORM. The author wrote the worm in Visual Basic Language.

More details about W32.Cbomb

The W32.Cbomb program waits for an Internet connection to be available. Once a connection has been established, the Trojan program accesses remote servers and websites to download and install adware on the user’s machine. The programs downloaded by this Trojan software are launched on the user’s computer stealthily. Users may notice an increase in the appearance of pop-up and pop-under advertisements when the computer is infected with this Trojan application. These advertisements appear randomly. The user may find this annoying as the advertisements may prevent the user from doing usual computer activities. These advertisements are also said to take up system resources. As a result, the affected computer slows down in performance.

The W32.Cbomb program has keylogging techniques. This enables the application to record any information typed by the user on the keyboard. This includes password for several of the user’s online accounts, banking account details, credit card numbers, personal e-mails and instant messenger conversations. All the information collected from the computer is stored in a log file. This log file is said to be transmitted to a remote user. The information collected from the computer may be utilized by the remote user to be able to hack into several of the user’s accounts.