Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Kaspersky Cautions about Fresh Banker Trojan Neverquest

Kaspersky the security company cautions that one fresh Trojan program, which has been named Trojan-Banker.Win32/64.Neverquest and which's used for attacking Internauts transacting with financial institutions, is likely to become widespread pretty fast during the coming few months.

Incidentally, Neverquest became first known on 18th July, 2013 when it was detected infecting computers and by the middle of November 2013, security researchers spotted its numerous attempts at contaminating PCs worldwide.

The researchers further opine that the threat rather new isn't getting fully utilized, although given that it bears the capacity for integrating its own multiplication techniques, it may disseminate fast.

Meanwhile, distribution of Neverquest requires Trojan installers, which download certain library file, while ensure it gets run automatically via the creation of a registry.

And when run, Neverquest verifies for an already existing infection on the system. Incase there isn't any, the threat phones and establishes a communication with its C&C system for getting the expected configuration file. This file has names of 28 websites of payment services and banks operating from different nations, particularly, Turkey, India, Italy and Germany.

Sergey Golovanov, Security Researcher explains that when an end-user using a contaminated computer accesses any of the 28 websites, Neverquest controls everything that goes between his browser as well as the server. The threat's perpetrators then acquire that end-user's usernames and passwords which he may enter, as also change the site's content. Consequently, whatever data the end-user feeds into the changed site gets transmitted back to the miscreants. Threatpost.com published this, November 26, 2013.

Golovanov further explains that after acquiring admission into the user-victim's account, one SOCKS server is used whereby the miscreants link up with contaminated PCs remotely via certain VNC server followed with transferring the user-victim's fund into the miscreants' own A/C else other user-victims' accounts so as for preventing the track going straight to them. Securityweek.com published this, November 26, 2013.

Fascinatingly, Neverquest's objective is to occupy foremost ranks that the Carberp and ZeuS trojans earlier occupied.

Eventually, safeguard from Neverquest and similar malware, in addition to regular anti-virus programs, necessitates deployment of dedicated solution that'll make online financial interactions secure.

ยป SPAMfighter News - 12/3/2013

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page