About DBS | Our Branches & ATMs | Contact Us | 中文  
 
Skip to main content
Sign In |
  Help (new window)
Development Bank of Singapore

security

  
DBS > security > Pages > security-alerts-news.aspx  

Security Alerts & News

Malware Alert

Date: 17 Apr 2013 Alert Level: Amber Type: Malware
Description: We have discovered a malware that may affect users of the DBS Internet Banking website. This malware infects customers’ workstations or devices. Once customers’ workstations/devices are infected, it is designed to steal customers’ information by altering the flow of the Internet Banking website when credit card related links have been selected. It will ask for “Card Expiry Date”, “CVV2 Code” or "Three-digit security code", “Cardholder Address”, “Cardholder ZIP”, “Cardholder Date of Birth” and “Password” claiming that credit card and card holder information needs to be verified. This step is not part of the DBS Internet Banking website. Please do not provide any of such information.

Below are screenshots of what the DBS Internet Banking website looks like after it is infected with this malware:

 
 
 
 
If you see any of the above changes while banking online with us, your computer or device may likely be infected with this malware. You are advised not to proceed with any transactions until your computer or device has been checked and disinfected. Customers are assured that the DBS Internet Banking website remains secure and is not the source of this malware.

Customers are reminded to remain cautious when banking online:

1) Never provide your credit card details in iBanking as the credit card details are only required when you do online purchases.
2) Do not enter the OTP from your token or your IB Message SMS if you did not add payee(s) or perform other online transactions in your account.
3) Read carefully the transaction details in the SMS or email alerts. Validate that the messages reflect your transaction requests. For example, check that the account number is correct.
4) Please inform our customer centre at 1800 111 1111 or +65 6327 2265 (when calling from overseas) immediately if you encounter any of the following situations:
  1. receive SMS or email for transactions that you did not perform or account number that you do not know
  2. experience difficulty accessing your account after you have entered your credentials or see repeated login pages asking for your login details
  3. see unfamiliar banking processes/messages such as “Secure token validation”, "Security verification in progress", "Please wait…" or such as the above screenshots
5) Protect your computer from being infected by using anti-virus software and updating it with the latest anti-virus signature.
6) For more security tips, please refer to Protecting Yourself Online

Malware Alert

Date: 07 Mar 2013 Alert Level: Amber Malware: Zbot (Zeus)
Description: We have discovered different variants of Zbot (Zeus) malware that may affect users of the DBS Internet Banking website. This malware infects customers’ computers or devices. Once customers’ computers or devices are infected, the malware will attempt to steal customers’ information by altering the flow of the DBS Internet Banking website to steal login and authorisation credentials (User ID, PIN, DBS iB Secure PIN, SMS OTP and so on). It will show a rotating “Please Wait…” message and ask for the customer’s user ID, PIN and iB Secure PIN repeatedly. The suspicious message is circled in red.

 
This is typically followed by this screen:
If you see any of the above changes while banking online with us, your computer or device may likely be infected with this malware. You are advised not to proceed with any transactions until your computer or device has been checked and disinfected. Customers are assured that the DBS Internet Banking website remains secure and is not the source of this malware.

Customers are reminded to remain cautious when banking online:

1) DBS will never ask for "Sign 1" of the iBSecure Device during login.
2) Do not enter the OTP from your token or your IB Message SMS if you did not add payee(s) or perform other online transactions in your account.
3) Read carefully the transaction details in the SMS or email alerts. Validate that the messages reflect your transaction requests. For example, check that the account number is correct.
4) Please inform our customer centre at 1800 111 1111 or +65 6327 2265 (when calling from overseas) immediately if you encounter any of the following situations:
  1. receive SMS or email for transactions that you did not perform or account number that you do not know
  2. experience difficulty accessing your account after you have entered your credentials or see repeated login pages asking for your login details
  3. see unfamiliar banking processes/messages such as “Secure token validation”, "Security verification in progress" or "Please wait…"
5) Protect your computer from being infected by using anti-virus software and updating it with the latest anti-virus signature.
6) Do not provide your card information such as card number and card PIN in the Internet Banking login page.
7) For more security tips, please refer to Protecting Yourself Online .

Malware Alert

Date: 26 February 2013 Alert Level: Amber Type: Malware
Description: We have discovered malware that may affect the legitimacy of the DBS IDEAL website. Once customers’ computers or devices are infected, the malware will attempt to steal customers’ login and authorisation credentials (Organisation ID, User ID, PIN, Security Access Code, SMS OTP and Challenge/Response) by altering the flow of logging onto the DBS IDEAL website.

It will show a rotating “Please Wait …” message that does not exist on the DBS IDEAL website.

Here is a screenshot of what the DBS IDEAL website will look like after a computer or device has been infected with this malware. The suspicious messages are circled in red.

 
 
Customers are reminded to remain cautious when banking online:

1) Do not enter the any challenge code into your security device if you did not perform any financial transaction(s) in your account. Please note that during the log in process, you will never be asked to input a Challenge/Response.
2) Read carefully the transaction details in the SMS or email alerts. Validate that the messages reflect your transaction requests. For example, check that the account number is correct.
3) Protect your computer from being infected by using anti-virus software and updating it with the latest anti-virus signature.
4) Check your last login and transaction history regularly for any abnormal transactions.
5) Please inform our contact centre at 1800 222 2200 immediately if you encounter any of the following situations:
  1. receive SMS or email for transactions that you did not perform or account number that you do not know
  2. see unfamiliar banking processes/messages such as “Secure token validation”, "Security verification in progress" or "Please wait…"

Customers are assured that the DBS IDEAL website remains secure and is not the source of this malware.

Fake DBS Website Alert

Date: 9 February 2013 Alert Level: Green Criticality: Low
Description: There is a fake website found in the Internet which pretends to be the DBS Internet Banking website. The website http://aspectpine.co.uk/dbs/welcome.htm is a phishing website posing as the DBS Internet Banking website, designed to steal customer IDs, Pins and one time passwords.

This website has been removed. Customers are reminded to refrain from providing any confidential information. Remember,
  • DBS will never ask you for your PIN number, via email or phone.
  • Always type in the URL of DBS website directly into the address bar of your browser.
  • Alert us immediately, if you notice unknown transactions appearing on your account.
  • Never reply to unsolicited emails.

Malware Alerts

Date: 16 Jun 2012 Alert Level: Amber Malware: Zbot (Zeus)
Description: We have discovered malware that may affect the legitimacy of the DBS Internet Banking website. This malware infects customers’ computers or devices. Once customers’ computers or devices are infected, the malware will attempt to steal customers’ information by altering the flow of the DBS Internet Banking website to steal login and authorisation credentials (User ID, PIN, DBS iB Secure PIN, SMS OTP and so on). It will show a rotating “Please Wait…” message and a step called “Secure Token Validation” which asks for the customer’s iB Secure PIN repeatedly – both of which do not exist on the DBS Internet Banking website. These suspicious messages are circled in red.

 
 
 
If you see any of the above changes while banking online with us, your computer or device may likely be infected with this malware. You are advised not to proceed with any transactions until your computer or device has been checked and disinfected. Customers are assured that the DBS Internet Banking website remains secure and is not the source of this malware.

Customers are reminded to remain cautious when banking online:

1) Do not enter the OTP from your token or your IB Message SMS if you did not add payee(s) or perform other online transactions in your account.
2) Read carefully the transaction details in the SMS or email alerts. Validate that the messages reflect your transaction requests. For example, check that the account number is correct.
3) Protect your computer from being infected by using anti-virus software and updating it with the latest anti-virus signature.
4) Do not provide your card information such as card number and card PIN in the Internet Banking login page.
5) Please inform our customer centre at 1800 111 1111 or +65 6327 2265 (when calling from overseas) immediately if you encounter any of the following situations:
  1. receive SMS or email for transactions that you did not perform or account number that you do not know
  2. experience difficulty accessing your account after you have entered your credentials
  3. see unfamiliar banking processes/messages such as “Secure token validation”, "Security verification in progress" or "Please wait…"
6) For more security tips, please refer to Protecting Yourself Online

Remedy: The following list of anti-virus software is known to be able to detect and quarantine this type of malware.
Anti-Virus Version Signature date
AhnLab-V3 Spyware/Win32.Zbot 20120628
AntiVir TR/Crypt.XPACK.Gen 20120628
Antiy-AVL Trojan/Win32.Zbot.gen 20120628
Avast Win32:Susn-AJ [Trj] 20120628
AVG PSW.Generic9.CLKR 20120628
BitDefender Trojan.Generic.KD.641912 20120628
ByteHero Virus.Win32.Heur.c 20120613
ClamAV Trojan.Zbot-22915 20120628
Commtouch W32/Zbot.FB.gen!Eldorado 20120628
Comodo TrojWare.Win32.Kryptik.AGOY 20120628
DrWeb Trojan.Inject1.4253 20120628
Emsisoft Trojan-PWS.Win32.Zbot!IK 20120628
F-Prot W32/Zbot.FB.gen!Eldorado 20120627
F-Secure Trojan.Generic.KD.641912 20120628
Fortinet W32/Zbot.UH!tr.pws 20120628
GData Trojan.Generic.KD.641912 20120628
Ikarus Trojan-PWS.Win32.Zbot 20120628
Jiangmin TrojanSpy.Zbot.axmb 20120628
K7Anti-virus Spyware 20120627
Kaspersky Trojan-Spy.Win32.Zbot.dyij 20120628
McAfee PWS-Zbot.gen.uh 20120628
McAfee-GW-Edition PWS-Zbot.gen.uh 20120628
Microsoft PWS:Win32/Zbot.gen!AF 20120628
NOD32 Win32/Spy.Zbot.AAN 20120627
Norman W32/Injector.AQSI 20120627
nProtect Trojan/W32.Agent.319968.B 20120628
Panda Generic Trojan 20120627
PCTools Trojan.Zbot 20120628
Sophos Mal/Zbot-BRU 20120628
Symantec Trojan.Zbot 20120628
TheHacker Trojan/Kryptik.agoy 20120627
TrendMicro H2_AGENT_044167.TOMB 20120628
TrendMicro-HouseCall H2_AGENT_044167.TOMB 20120628
VBA32 Trojan.Zbot.7612 20120626
VIPRE Trojan-PWS.Win32.Zbot.af.gen (v) 20120628
ViRobot Trojan.Win32.A.Zbot.319968 20120628
VirusBuster Trojan.Kryptik!87wILK2ElVg 20120627
 
Date: 30 May 2012 Alert Level: Amber Criticality: Low
Description: We have discovered different variants of Torpig (also known as Anserin or Sinowal) malware that may affect the legitimacy of the DBS Internet Banking websites. This malware infects customers’ workstations or devices. Once customers’ workstations/devices are infected, it is designed to steal customers’ information by altering the flow of the existing Internet Banking websites of Singapore banks. It will ask for “card number”, the “signature panel code” (CVV code), “expiration date” and “ATM PIN”, claiming the computer is not recognized. In general, it will attempt to steal information from the infected computers, including all found passwords. Please do not provide any of such information. Here below is a screenshot of how the DBS Internet Banking website looks like after it is infected with this malware:
If you see any of the above changes while banking online with us, your computer may likely be infected with this malware. You are advised not to proceed with any transactions until your computer has been checked and disinfected. Customers are assured that the DBS Internet Banking website remains secure and is not the source of this malware. Customers are reminded to remain cautious when banking online. Do not provide all your card information. Do not enter the OTP from your token or your IB Message SMS if you did not add payee(s) or perform other online transactions in your account. Protect your computer from being infected with such malware by using anti-virus software and updating it with the latest anti-virus signature. If you suspect that your computer or your bank accounts have been compromised while banking online with us, please report it to our customer centre at 1800 111 1111 or +65 6327 2265 (when calling from overseas) immediately.
Remedy: The following list of Anti-virus software is known to be able to detect and quarantine this type of malware.
Anti-virus Version Signature date
AhnLab-V3 Trojan/Win32.Scar 20120511
AntiVir BDS/Sinowal.nue 20120511
Antiy-AVL Trojan/win32.agent.gen 20120512
Avast Win32:Sinowal-JN [Trj] 20120512
AVG BackDoor.Generic15.ALJB 20120511
BitDefender Trojan.PWS.Sinowal.NCX 20120512
ByteHero Trojan.Win32.Heur.088 20120511
CAT-QuickHeal Backdoor.Sinowal.pzh 20120511
ClamAV - 20120512
Commtouch W32/Sinowal.AD.gen!Eldorado 20120512
Comodo TrojWare.Win32.Kryptik.SZK 20120512
DrWeb Trojan.Packed.21724 20120512
Emsisoft Trojan-PWS.Sinowal!IK 20120512
eSafe Win32.BDSSinowal.Nue 20120509
eTrust-Vet Win32/Sinowal.J!generic 20120511
F-Prot W32/Sinowal.AD.gen!Eldorado 20120511
F-Secure Trojan.PWS.Sinowal.NCX 20120512
Fortinet W32/Sinowal.BJ!tr 20120508
GData Trojan.PWS.Sinowal.NCX 20120512
Ikarus Trojan-PWS.Sinowal 20120512
Jiangmin - 20120512
K7Anti-virus Backdoor 20120511
Kaspersky Backdoor.Win32.Sinowal.pzh 20120511
McAfee Artemis!DB0BA4479277 20120512
McAfee-GW-Edition - 20120512
Microsoft PWS:Win32/Sinowal.gen!AA 20120512
NOD32 a variant of Win32/Kryptik.TEK 20120512
Norman W32/Sinowal.FSY 20120511
nProtect Trojan.PWS.Sinowal.NCX 20120511
Panda Trj/Sinowal.gen 20120511
PCTools Trojan.Anserin 20120512
Rising - 20120511
Sophos Mal/Sinowal-N 20120512
SUPERAntiSpyware - 20120512
Symantec Trojan.Anserin 20120512
TheHacker Backdoor/Sinowal.pzh 20120511
TrendMicro TROJ_GEN.R47CDDJ 20120512
TrendMicro-HouseCall TROJ_GEN.R47CDDJ 20120511
VBA32 BScope.Backdoor.Sinowal.3921 20120511
VIPRE Trojan-Dropper.Win32.Sinowal.y (v) 20120512
ViRobot - 20120512
VirusBuster Trojan.DR.Sinowal.Gen.20 20120511
 
Date: 05 Sep 2011 Alert Level: Amber Criticality: Low
Description: We have discovered different variants of Spyeye malware that may affect the legitimacy of the DBS Internet Banking websites. This malware targets Singapore Internet Banking websites which include the DBS Internet Banking website, DBS IDEAL™, DealOnline and VICKERS Online websites. It is designed to steal customers’ information by altering the “look and feel” of the existing Internet Banking websites. For instance, if the malware infects the customer's computer, the DBS Internet Banking website will look different and will ask the customer to key in his user ID, pin and one-time pin from his token all at the same time, instead of the usual login method. Here is a comparison of how the DBS Internet Banking website looks like before and after it is infected with this malware:
Another indication of the malware infection is that the internet banking website login page remains the same. However, upon login the customer will redirceted to a page that states "We are checking your security settings. Every step can take 1-10 minutes...." If you see any of the above changes while banking online with us, your computer may likely be infected with this malware. You are advised not to proceed with any transactions until your computer has been checked and disinfected. Customers are assured that the DBS Internet Banking website remains secure and is not the source of this malware. Customers are reminded to remain cautious when banking online. Do not enter the OTP from your token or your IB Message SMS if you did not add payee(s) or perform other online transactions in your account. Protect your computer from being infected with such malware by using an anti-virus software and updating it with the latest anti-virus signature. If you suspect that your computer or your bank accounts have been compromised while banking online with us, please report it to our contact centre at 1800 111 1111 immediately.
Remedy: The following list of Anti-virus software is known to be able to detect and quarantine this type of malware.
Anti-virus Version Signature date Virus name detected
AhnLab-V3 2011.09.04.00 2011.09.04 Spyware/Win32.Zbot
AntiVir 7.11.14.92 2011.09.04 TR/EyeStye.N.1532
Antiy-AVL 2.0.3.7 2011.09.04 Trojan/Win32.SpyEyes.gen
Avast 4.8.1351.0 2011.09.04 Win32:Malware-gen
Avast5 5.0.677.0 2011.09.04 Win32:Malware-gen
AVG 10.0.0.1190 2011.09.05 PSW.Generic9.OTZ
BitDefender 7.2 2011.09.05 Trojan.Generic.KD.337313
ByteHero 1.0.0.1 2011.08.22 -
CAT-QuickHeal 11.00 2011.09.04 -
ClamAV 0.97.0.0 2011.09.05 -
Commtouch 5.3.2.6 2011.09.04 -
Comodo 9994 2011.09.04 UnclassifiedMalware
DrWeb 5.0.2.03300 2011.09.05 Trojan.PWS.SpySweep.52
Emsisoft 5.1.0.11 2011.09.05 Trojan.Win32.Spyeye!IK
eSafe 7.0.17.0 2011.09.04 -
eTrust-Vet 7.0.17.0 2011.09.04 -
F-Prot 4.6.2.117 2011.09.04 -
F-Secure 9.0.16440.0 2011.09.04 Trojan.Generic.KD.337313
Fortinet 4.3.370.0 2011.09.04 W32/SpyEyes.MLQ!tr
GData 22 2011.09.05 Trojan.Generic.KD.337313
Ikarus T3.1.1.107.0 2011.09.05 Trojan.Win32.Spyeye
Jiangmin 13.0.900 2011.09.04 TrojanSpy.SpyEyes.eto
K7Anti-virus 9.111.5083 2011.09.02 Spyware
Kaspersky 9.0.0.837 2011.09.05 Trojan-Spy.Win32.SpyEyes.mlq
McAfee 5.400.0.1158 2011.09.05 Trojan-Spy.Win32.SpyEyes.mlq
McAfee-GW-Edition 2010.1D 2011.09.05 PWS-Zbot.gen.js
Microsoft 1.7604 2011.09.04 Trojan:Win32/EyeStye.N
NOD32 6436 2011.09.05 a variant of Win32/Kryptik.SET
Norman 6.07.11 2011.09.04 W32/Suspicious_Gen2.PPEEN
nProtect 2011-09-04.01 2011.09.04 Trojan/W32.Agent.289792.CR
Panda 10.0.3.5 2011.09.04 Trj/CI.A
PCTools 8.0.0.5 2011.09.05 Trojan.Gen
Prevx 3.0 2011.09.05 -
Rising 23.73.01.03 2011.08.30 -
Sophos 4.69.0 2011.09.04 Mal/SpyEye-U
SUPERAntiSpyware 4.40.0.1006 2011.09.04 -
Symantec 20111.2.0.82 2011.09.05 -
TheHacker 6.7.0.1.290 2011.09.03 -
TrendMicro 9.500.0.1008 2011.09.03 -
TrendMicro-HouseCall 9.500.0.1008 2011.09.05 TROJ_GEN.R3AC2HV
VBA32 3.12.16.4 2011.09.02 -
VIPRE 10374 2011.09.05 Trojan.Win32.Generic!BT
ViRobot 2011.9.3.4655 2011.09.04 -
VirusBuster 14.0.200.0 2011.09.03 -
 
Date: 4 Feb 2011 Alert Level: Green Malware: Spyeye
Description: A Spyeye malware is found to be targeting local banks in Singapore including DBS. This malicious software, which can be transmitted through compromised websites, is designed to steal private data such as user ID and pin from Internet Banking sites that the user visited. A user being asked to key in his pin and/or one-time password a few times can be an indication of Spyeye infection. Customers are reminded not to key in SMS OTP (one-time password) for transactions that they did not perform, such as adding payees or transferring funds. 
The following screenshots show how the DBS Internet Banking website differs when used in computer that is infected by this malware. Customers are also reminded to be cautious when banking online, by verifying the legitimacy of the Internet Banking website that they are using. If you suspect that your computer has been compromised while banking online with us, please report it to our customer centre at 1800 111 1111 or +65 6327 2265 (when calling from overseas) immediately.
DBS Internet Banking website used in a "Spyeye-infected" computer
  DBS Internet Banking website used in a “malware-free” computer

Remedy: The following list of Anti-virus software is known to be able to detect and quarantine this backdoor virus.

Anti-virus Version Signature date Virus name detected
AhnLab-V3 2011.01.27.01 2011.01.27 Spyware/Win32.SpyEyes
AntiVir 7.11.2.71 2011.02.04 TR/Dropper.Gen
Antiy-AVL 2.0.3.7 2011.01.28 Trojan/Win32.SpyEyes.gen
Avast 4.8.1351.0 2011.02.04 Win32:Malware-gen
Avast5 5.0.677.0 2011.02.04 Win32:Malware-gen
AVG 10.0.0.1190 2011.02.04 unknown virus Win32/DH.BA
BitDefender 7.2 2011.02.04 Trojan.Generic.KDV.116346
CAT-QuickHeal 11.00 2011.02.04 TrojanSpy.SpyEyes.elr
ClamAV 0.96.4.0 2011.02.04 -
Commtouch 5.2.11.5 2011.02.04 -
Comodo 7586 2011.02.04 -
DrWeb 5.0.2.03300 2011.02.04 -
Emsisoft 5.1.0.2 2011.02.04 Trojan.Win32.EyeStye!IK
eSafe 7.0.17.0 2011.02.03 Win32.TRDropper
eTrust-Vet 36.1.8140 2011.02.04 Win32/Etap
F-Prot 4.6.2.117 2011.02.01 -
F-Secure 9.0.16160.0 2011.02.04 Trojan.Generic.KDV.116346
Fortinet 4.2.254.0 2011.02.04 W32/SpyEyes.ELR!tr
GData 21 2011.02.04 Trojan.Generic.KDV.116346
Ikarus T3.1.1.97.0 2011.02.04 Trojan.Win32.EyeStye
Jiangmin 13.0.900 2011.02.04 TrojanSpy.SpyEyes.bdl
K7Anti-virus 9.81.3737 2011.02.03 -
Kaspersky 7.0.0.125 2011.02.04 Trojan-Spy.Win32.SpyEyes.elr
McAfee 5.400.0.1158 2011.02.04 PWS-Spyeye.m
McAfee-GW-Edition 2010.1C 2011.02.04 PWS-Spyeye.m
Microsoft 1.6502 2011.02.04 Trojan:Win32/EyeStye.H
NOD32 5845 2011.02.04 a variant of Win32/Spy.SpyEye.CA
Norman 6.07.03 2011.02.03 W32/Malware.QKUL
nProtect 2011-01-27.01 2011.02.02 -
Panda 10.0.3.5 2011.02.03 Trj/CI.A
PCTools 7.0.3.5 2011.02.04 Trojan-PSW.Generic
Prevx 3.0 2011.02.04 -
Rising 23.43.04.02 2011.02.04 Trojan.Win32.Generic.12779390
Sophos 4.61.0 2011.02.04 Mal/Generic-L
SUPERAntiSpyware 4.40.0.1006 2011.02.04 -
Symantec 20101.3.0.103 2011.02.04 Infostealer
TheHacker 6.7.0.1.123 2011.02.02 -
TrendMicro 9.200.0.1012 2011.02.04 TSPY_SPYEYE.SMB
TrendMicro-HouseCall 9.200.0.1012 2011.02.04 TSPY_SPYEYE.SMB
VBA32 3.12.14.3 2011.02.02 BScope.Banker.xc
VIPRE 8303 2011.02.04 Trojan.Win32.Generic!BT
ViRobot 2011.2.4.4292 2011.02.04 -
VirusBuster 13.6.180.0 2011.02.03 TrojanSpy.SpyEyes!ieTmgwiMnI4

Fake DBS Website Alerts

Date: 19 Jan 2011 Alert Level: Green Criticality: Low
Description: There is a fake website found in the Internet which pretends to be associated with DBS Bank. The website www.dbsinternetbanking.org is a scam website posing as the DBS Internet Banking site. DBS Bank assures that it is not associated with this website.
There is a possibility for this website to evolve to a phishing site, which will then attract users to provide their account information and password. Customers are reminded to refrain from accessing this website or from providing any confidential information.
Remember,
  • DBS Bank will never ask you for your PIN number, via email or phone.
  • Always type in the URL of our banking website directly into the address bar.
  • Alert us immediately, if you notice unknown transactions appearing on your account. Never reply to unsolicited emails.

Malware Alerts

Date: 2 Dec 2010 Alert Level: Green Malware: Haxdoor
Description: This backdoor virus allows hackers to gain remote access to the users computer to phish private information such as customer ID and pin from Internet Banking sites that the user visited.
Transmission Method: Haxdoor can be transmitted through CD-ROMs, memory sticks, external hard drives, email messages with attachments, internet downloads, file transfers, instant messaging channels, and the like.
Remedy: The following list of Anti-virus software is known to be able to detect, quarantine, and/or delete this backdoor virus.

Anti-virus Version Signature date Virus name detected
AhnLab-V3 2010.11.30.00 2010.11.29 Win-Trojan/Haxdor.60256
AntiVir 7.10.14.136 2010.11.29 TR/Crypt.FSPM.Gen
Antiy-AVL 2.0.3.7 2010.11.30 -
Avast 4.8.1351.0 2010.11.29 Win32:Trojan-gen
Avast5 5.0.677.0 2010.11.29 Win32:Trojan-gen
AVG 9.0.0.851 2010.11.30 unknown virus Win32/DH.BA
BitDefender 7.2 2010.11.30 Backdoor.Haxdoor.NN
CAT-QuickHeal 11.00 2010.11.30 (Suspicious) - DNAScan
ClamAV 0.96.4.0 2010.11.30 PUA.Packed.FSG
Command 5.2.11.5 2010.11.30 W32/Dropper.gen5
Comodo 6898 2010.11.30 Heur.Pck.FSG
DrWeb 5.0.2.03300 2010.11.30 BackDoor.Haxdoor.522
Emsisoft 5.0.0.50 2010.11.30 Backdoor.Win32.Haxdoor!IK
eSafe 7.0.17.0 2010.11.29 Win32.TRCrypt.Fspm
eTrust-Vet 36.1.8007 2010.11.29 Win32/Haxdoor!generic
F-Prot 4.6.2.117 2010.11.29 W32/Dropper.gen5
F-Secure 9.0.16160.0 2010.11.30 Backdoor.Haxdoor.NN
Fortinet 4.2.254.0 2010.11.29 -
GData 21 2010.11.30 Backdoor.Haxdoor.NN
Ikarus T3.1.1.90.0 2010.11.30 Backdoor.Win32.Haxdoor
Jiangmin 13.0.900 2010.11.30 Backdoor/Haxdoor.mv
K7Anti-virus 9.69.3115 2010.11.29 EmailWorm
Kaspersky 7.0.0.125 2010.11.30 Backdoor.Win32.Haxdoor.lw
McAfee 5.400.0.1158 2010.11.30 Artemis!B7D0C6A4BEB0
McAfee-GW-Edition 2010.1C 2010.11.29 Heuristic.LooksLike.Win32.SuspiciousPE.C
Microsoft 1.6402 2010.11.29 TrojanDropper:Win32/Bunitu.A
NOD32 5659 2010.11.29 a variant of Win32/Haxdoor
Norman 6.06.10 2010.11.29 Suspicious_F.gen
nProtect 2010-11-29.01 2010.11.29 Backdoor.Haxdoor.NN
Panda 10.0.2.7 2010.11.29 Bck/Haxdoor.OG
PCTools 7.0.3.5 2010.11.30 Backdoor.Haxdoor
Prevx 3.0 2010.11.30 -
Rising 22.76.00.01 2010.11.30 Trojan.Spy.Win32.Undef.GEN
Sophos 4.60.0 2010.11.30 Troj/Haxdor-Gen
SUPERAntiSpyware 4.40.0.1006 2010.11.30 Trojan.Agent/Gen-FSG
Symantec 20101.2.0.161 2010.11.29 Backdoor.Haxdoor
TheHacker 6.7.0.1.093 2010.11.30 Backdoor/Haxdoor.lw
TrendMicro 9.120.0.1004 2010.11.30 TROJ_MALNTL.A
TrendMicro-HouseCall 9.120.0.1004 2010.11.30 TROJ_MALNTL.A
VBA32 3.12.14.2 2010.11.29 Trojan-Droper.Win32.Goldun
VIPRE 7451 2010.11.30 Trojan.Win32.Generic.pak!cobra
ViRobot 2010.11.30.4176 2010.11.30 -
VirusBuster 13.6.66.0 2010.11.29 Trojan.DR.Haxdoor.Gen.4