Another Banking Trojan Sunspot at Par with SpyEye-Zeus Duopoly

Trusteer, the transaction security company recently detected a not so well-known malware for Windows called Sunspot that's doing the rounds, while for the first time carrying out financial fraud. Help Net Security reported this in news on May 11, 2011.

Already, there have been incidences wherein Trojan Sunspot has caused losses from fraudulent operations, says Trusteer. Created to execute different kinds of malicious activities, Sunspot runs man-in-the-browser assaults, with offences like web insertions, key-logging, page-hijacking or screen shooting meaning seizing screenshots of where a user's mouse is while he enters his password.

Furthermore, the Trojan can ask for extra Internet banking information belonging to the user like own credit/debit card details, including the card's number, its CVV, ATM PIN and date of expiry as well as replies to confidential queries. In addition, the malware is capable of extracting confidential private details of the user such as his birth date, mother's name, etc., which can be exploited for masquerading marks so fake credit lines can be acquired.

Stated Chief Technology Officer Amit Klein at Trusteer, Sunspot was presently attacking financial institutions in North America, while it had acquired the infection rates same as of Zeus and SpyEye within certain regions. Klein added that Sunspot was confirmed to cause losses from scams; therefore the danger from the malware was genuine. NetworkWorld reported this in news on May 11, 2011.

Presently, the Trojan represents one more instance among an increasing number of malware programs that attempt at stealing financial information, while existing overwhelmingly online.

Moreover, Klein said that there were two interesting aspects about Sunspot. First, it disclosed one fresh mode for evolving financial malware with which it was possible to observe malware writing undergoing a wide variation wherein less familiar malware were once again coded for executing financial scam. Help Net Security published this in news on May 11, 2011.

Significantly, according to Klein, Sunspot's development was prior to the free availability of Zeus' source code although it was not expected that its freshly developed characteristics were associated with the widespread existence of Zeus' code to say the least in a direct way.

Related article: Another Worm Using Bush’s Theme Creeps Into PCs

» SPAMfighter News - 5/19/2011