The program steals information from several sources, before sending the data back to a remote attacker.
"Agent.NDP is an interesting threat as it does not exploit any security vulnerability and does not contain its own mailing engine," said Pierre Marc Bureau, a researcher at ESET.
"Trojans are commonly used to perform identity theft and other malicious actions. Agent.NDP seems to target Chinese online gamers in an attempt to steal information such as usernames and passwords."
ESET explained that the Trojan is probably installed after being downloaded from a website, almost certainly under the guise of another application.
Agent.NDP then copies itself into the victim's temporary folder and writes a DLL in the same folder. It then injects the DLL code into explorer.exe to monitor system execution and find vulnerable information.
ESET's second highest ranking threat for October was INF/Autorun, accounting for 3.45 per cent of all detections.
INF/Autorun describes a variety of malware that uses the autorun.inf file which contains information to run programs automatically when removable media are inserted into a computer.
_(20).jpg&h=140&w=231&c=1&s=0)
_(33).jpg&h=140&w=231&c=1&s=0)
iTnews Executive Retreat - Security Leaders Edition
iTnews Benchmark Awards 2026
iTnews Cloud Covered Breakfast Summit
The 2026 iAwards
_(1).jpg&h=140&w=231&c=1&s=0)
