ESET Uncovers Fresh Trojan with Data Stealing Capability

ESET the security company has said that its researchers have discovered one wholly fresh malware category, which's empowered with data-stealing abilities, very much same as those of other popular and active malicious programs.

The new threat known as Hesperbot is spread through e-mails that sound rather persuasive. These e-mails attach supposedly genuine package-hunting files that different postal companies sent alternatively pretend to be messages from outfits like Internet Service Providers. They reportedly attempt at duping recipients into taking down as also executing one sinister Windows executable craftily labeled as [filename].pdf.exe.

When loaded, Hesperbot quietly steals passwords via recording the end-user's keystrokes, garners clips of films incase the webcam is on, captures screenshots, taps into network traffic, while uploads the entire material onto the cyber criminals' C&C server. There's also a possibility that the Trojan starts one concealed Virtual Network Computing (VNC) service so the crooks can compromise and manipulate the target PC's operations.

Malware Researcher and leader of ESET's analysts team for the new threat says that the malware's assessment shows that the Trojan is a banking malware having identical objectives and similar functionality as the notorious SpyEye or ZeuS, although considerable execution distinctions suggest that it belongs to one fresh malware group instead of being any variant of an earlier determined Trojan. Help Net Security published this dated September 5, 2013.

It's further evident that the malware's purveyors try making end-users load the Trojan's mobile component onto their Android, Blackberry or Symbian mobile gadgets.

ESET explains that the configuration-marked malicious files, which the HTTP interception as well as injection module of the malware utilize, clearly tell the names of the banking sites that each bot needs to target.

Also state ESET's researchers, the infection has spread in the Czech Republic, Turkey, UK and Portugal, although UK computers have been attacked with one special Hesperbot sample.

Meanwhile, during late July this year (2013), RSA's researchers had uncovered one other fresh banking Trojan, which could skillfully compete Citadel, SpyEye and ZeuS via its efficacious dissemination tactic. That Trojan called KINS is largely similar to SpyEye/ZeuS, while also features one likewise DLL plug-in related formulation.

» SPAMfighter News - 9/11/2013