Banigo is a trojan that steals user sensitive information and transfers gathered data to predetermined webs sites. Once executed, the parasite secretly installs itself to the system. Then it starts monitoring user Internet activity. When the user accesses web sites of WebMoney, e-gold or other financial web services, it starts recording login names and passwords the user enters into web pages. It can also capture screenshots. Furthermore, the trojan steals locally stored passwords and user names. It runs a hidden proxy server and blocks access to well-known security resources and web sites of popular antiviruses. Banigo may also open a command shell, and thus provide the attacker with unauthorized access to the compromised computer. The parasite uses a rootkit to hide its presence in the system. Banigo runs on every Windows startup. The trojan usually arrives attached to bogus e-mail messages.