Banleed.b is a worm that spreads through unprotected network shares. Once executed, the parasite installs itself to the system and starts a spreading routine. Then it updates itself via the Internet and attempts to download certain files. Banleed.b is designed for stealing user confidential information. The worm monitors web sites opened in Microsoft Internet Explorer or Mozilla Firefox. If the opened site has one of the predetermined addresses, Banleed.b hijacks the web browser and displays a fake page of the bank site. This page asks the user to provide bank account details and other sensitive information. Stolen data is sent to a predetermined e-mail address. Banleed.b runs on every Windows startup. It affects mostly machines running Portuguese and Spanish versions of the Windows operating system.