[ news_security_news ]
Complex Trojans Go After Online Banking
John Stith
Staff Writer
2005-12-27
 Insider Reports RSS Feed
A new Trojan virus is making its rounds, focusing on Spanish-speaking Internet users who utilize online banking. The virus combines social engineering via instant messenger and uses spyware and phishing.
A hat tip goes to Ted Richardson for picking up on this one. The Nabload.U, spotted by Panda Software's PandaLabs on Monday, distributes itself through instant messenger services. Once it's in, it loads in another Trojan called Banker.bsx. Banker roots around and searches for banking passwords of certain banks.
The most unusual aspect of this Trojan is its ability to capture the information without the use of a traditional key logger. The user will be unaware that this is occurring. Banks that use virtual keyboards to avoid keyloggers won't be protected from this Trojan.
According to Luis Corrons, PandaLabs director: "This Trojan is an example of a hybrid virus that mixes different techniques. Once the user clicks on the URL, it is able to download a Trojan and use techniques similar to some spyware and phishing attacks. It is, without a doubt, a Trojan designed to steal data quickly, and without leaving any tracks."
This Trojan opens up port 1106 on the computer and stays active. So, when the user tries to access one of the online bank addresses shown bellow, the Trojan will be able to capture what the user is doing on the screen, including the login and password typed by virtual keyboards to access the bank account.
The complexity of this virus makes it a tricky little bugger. Because it has multiple levels in including the social networking via IM, it makes it particularly nasty. As these viruses become more insidious and difficult, it means security will have to work on them much quicker.
About the Author:
John is a staff writer for SecurityProNews covering cyber security.
More news_security_news Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
