English Deutsch Español Français Italiano Portuguese Čeština Ελληνικά 中文(简体) 中文 (繁體) Tiếng Việt 日本語 ภาษาไทย Русский Български Nederlands Polski Svenska Norsk Dansk Suomi

McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams

Compatible with Windows 7

Works with Windows Vista

SPAMfighter is

Microsoft Gold Certified Partner

Mcafee Detects New Info Capturing Trojan

Researches at security company McAfee have recently identified a malicious program "PWS-Banker.gen.i" which is a Trojan that steals information on Internet banking. Reportedly, the Trojan is the creation of Brazilian malware authors.

It (PWS-Banker.gen.i) after seizing a user's bank account details including username and password transmits the stolen data to its controller through various modes such as SMTP, FTP and HTTP among others.

In some cases, when the Trojan infects the computer, it might dispatch e-mails to the program controller via Outlook, or via network traffic pertaining to port 25, after linking to an SMTP server located afar. Additionally, it might ask the affected end-user to key in his banking credentials. Meanwhile, it is reported that the Trojan has several variants.

Moreover, the malware does not replicate automatically. Nevertheless, other Trojans and/or viruses planted on the end-user's computer may download it.

States security researcher Pedro Bueno at McAfee that 'PWS-Banker.gen.i' aims attack on three banks in Brazil i.e. Itau, Real and Bradesco for the capture of key information like username, password, paper token details, bank account number, and branch office. McAfee published this on June 11, 2009.

Also states Bueno that the case of PWS-Banker.gen.i is not something new as there have been several password-stealing Trojans down the years. However, the point that struck him relates to the creator of PWS-Banker.gen.i who did nothing to safeguard the stolen information as the malware carries all the identification details required for accessing the target information within its code.

Security researchers say that bad enough as it is that an unauthorized person can access a user's bank info; it is even scaring that anybody checking the malicious Trojan can as well access the same data. It is for this reason that the researchers have called the malware writer "dumb."

In the meantime, McAfee has spotted another similar Trojan called PWS-Banker.gen.de that emanated from China. Once executed, this malware asks for the IP address of the infected system through three different services that search IP addresses. Subsequently, it raises an SQL query via TCP and transmits the captured passwords onto a server located remotely in China.

» SPAMfighter News - 03-07-2009

Bookmark and Share
Twitter Facebook RSS

SPAMfighter box shot

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail and Thunderbird

Optimize Slow PC

Optimize your Slow PC for better performance. Try FREE scan now

Exchange spam filter

SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial

 

Spyware remover

Remove Spyware with SPYWAREfighter - Free 30 days trial


anti virus

Antivirus software for your Windows PC - Free 30 days trial

<<<>>>