New, Advanced Banking Trojan Discovered In The Wild

  /     /     /  
Publicated : 22/11/2024   Category : security


New, Advanced Banking Trojan Discovered In The Wild


New Hesperbot Trojan targets online banking users in Europe, Turkey



A new, advanced banking Trojan is infecting users in Turkey, the Czech Republic, Portugal, and the United Kingdom, according to researchers at ESET.
In a
blog posted on Wednesday
, the researchers warned of a Trojan called Win32/Spy.Hesperbot, which does keystroke logging and sets up a remote proxy on the end users machine. Hesperbot also does some advanced tricks, such as creating a hidden virtual network computing (VNC) server on the end users machine, ESET says.
The Trojan uses a very credible-looking, phishing-like campaign that appears to come from trustworthy organizations to lure its victims, ESET says. The aim of the attackers is to obtain login credentials giving access to the victims bank account and to get them to install a mobile component of the malware on their Symbian, Blackberry or Android phone, the blog says.
So far, the Trojan hasnt spread too far. ESET estimates that it has infected several hundred users computers in Turkey, and even fewer in the Czech Republic, Portugal, and the United Kingdom. It tries to trick users into loading the malware by sending emails that appear to be tracking information from the local postal service, the blog states.
In the course of our research, we also stumbled upon an additional component used by Win32/Spy.Hesperbot, the blog says. This malware, detected by ESET as Win32/Spy.Agent.OEC, harvests e-mail addresses from the infected system and sends them to a remote server. It is possible that these collected addresses were also targeted by the malware-spreading campaigns.
The attack is new and may not yet be recognized by all antivirus systems.
Have a comment on this story? Please click Add a Comment below. If youd like to contact
Dark Readings
editors directly,
send us a message
.

Last News

▸ Hack Your Hotel Room ◂
Discovered: 23/12/2024
Category: security

▸ Website hacks happened during World Cup final. ◂
Discovered: 23/12/2024
Category: security

▸ Criminal Possession of Government-Grade Stealth Malware ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
New, Advanced Banking Trojan Discovered In The Wild