The worm plants itself in PCs via pop-up ads when a user closes the window.
The programme, named PWSteal.refest, then waits for the user to enter banking details, records them and sends them to the worm author.
Anti-virus firm Symantec has advised to do take the following steps:
1. Disable System Restore (Windows Me/XP).
2. Update the virus definitions.
3. Close all Internet Explorer windows.
4. Run a full system scan and delete all the files detected as PWSteal.Refest.
5. Optional: delete the value that was added to the registry.
.png&h=140&w=231&c=1&s=0)
.png&w=120&c=1&s=0)
EDUtech AU
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Integrate Expo 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
iTnews Benchmark Security Awards 2025
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
