Banleed is a worm that spreads through unprotected network shares. Once executed, the parasite installs itself to the system and starts a spreading routine. Then it updates itself via the Internet and attempts to download certain files. Banleed is designed for stealing user confidential information. The worm monitors web sites opened in Microsoft Internet Explorer or Mozilla Firefox. If the opened site has one of the predetermined addresses, Banleed hijacks the web browser and displays a fake page of the bank site. This page asks the user to provide bank account details and other sensitive information. Banleed runs on every Windows startup. It affects only those machines, which run the Portuguese version of the Windows operating system.