Win32.shiz

Win32.Shiz (other name: Trojan.PWS.Ibank) is a malicious program designed for online banking fraud.

Current versions of this program support almost all online banking systems in Russian Federation (BS-Client, Sberbank, etc) as well as many online poker clients.

The program can be used to steal usernames and passwords used to access online banking system, cryptographic keys stored as files (e. g. on USB Flash drives or hard disk drives), URLs used to access online banking system and certificates stored in web-browsers. If online banking system uses access control lists based on IP addresses then Win32.Shiz can set up a SOCKS proxy-server on a compromised computer.