
Emotet, a New Banking Trojan, Found Tapping and Accessing E-traffic

Security company Trend Micro has spotted a new piece of banking malware, which it has named "Emotet", that taps and accesses outbound network traffic from victims' computers in an attempt to steal sensitive credentials.

The company says that, unlike typical financial malware, the new Emotet Trojan does not resort to form-field injection or phishing; instead it uses network sniffing, which makes its malicious operations harder for security solutions to detect.

To spread the threat, spam emails are sent that appear to concern shipping invoices or money transfers. The fake messages contain web links that actually lead to sites created to deliver the malware onto target systems.

When Emotet infects a PC, it downloads a configuration file that details the financial organizations to be targeted.

In addition, Emotet downloads a DLL file with which the outbound network traffic is tapped and captured.

The DLL, which is injected into the web browser, compares the sites the victim visits against the URLs the malware has selected as targets; if it finds a match, it retrieves all the data sent to that particular site.

Joie Salvio, Threat Response Engineer at Trend Micro, notes that Emotet saves everything on the website, thereby stealing and storing its entire data. Softpedia.com published this, June 30, 2014.

Trend's researchers further discovered that even an encrypted connection cannot stop the data theft, since the Trojan captures the credentials used to log in over HTTPS.

According to them, this method of grabbing critical information doesn't raise an alert, as there is little indication of anything suspicious to the user, who thinks everything is working normally.

Interestingly, Emotet also encodes the data it steals and then saves it all within the system registry. As this doesn't involve creating any new file, the malware again evades detection on the machine.
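A defender-side sketch of hunting for this kind of registry-resident storage, added here as an example and not taken from Trend Micro or the original article: it scans the text of a registry export for large, high-entropy binary values. The key names, sample data and thresholds are constructed assumptions; the article does not name the registry location Emotet uses.

```python
import math
import re
from collections import Counter

def shannon_entropy(data: bytes) -> float:
    """Bits per byte; values near 8.0 look like encrypted or compressed data."""
    n = len(data)
    if n == 0:
        return 0.0
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def parse_reg_binary_values(reg_text: str):
    """Yield (key, value_name, data) for each hex-encoded value in .reg text."""
    text = re.sub(r"\\\r?\n\s*", "", reg_text)  # join backslash-continued lines
    value_re = re.compile(r'^("(?:[^"\\]|\\.)*"|@)=hex(?:\([0-9a-fA-F]+\))?:(.*)$')
    key = None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
        elif key and (m := value_re.match(line)):
            data = bytes.fromhex(m.group(2).replace(",", ""))
            yield key, m.group(1).strip('"'), data

def find_suspicious_values(reg_text, min_size=128, min_entropy=5.0):
    """Thresholds are illustrative assumptions; tune them on a clean baseline."""
    hits = []
    for key, name, data in parse_reg_binary_values(reg_text):
        entropy = shannon_entropy(data)
        if len(data) >= min_size and entropy >= min_entropy:
            hits.append((key, name, len(data), round(entropy, 2)))
    return hits

def _hex(data: bytes) -> str:
    return ",".join(f"{b:02x}" for b in data)

# Constructed sample export: two benign-looking values and one opaque blob.
SAMPLE_REG = (
    "Windows Registry Editor Version 5.00\n\n"
    "[HKEY_CURRENT_USER\\Software\\ExampleApp]\n"
    f'"WindowPos"=hex:{_hex(bytes(16))}\n'
    f'"Padding"=hex:{_hex(bytes(256))}\n\n'
    "[HKEY_CURRENT_USER\\Software\\ExamplePlaceholder]\n"
    f'"blob"=hex:{_hex(bytes(range(128)))},\\\n  {_hex(bytes(range(128, 256)))}\n'
)

if __name__ == "__main__":
    for hit in find_suspicious_values(SAMPLE_REG):
        print(hit)
```

Real `reg export` output is UTF-16 encoded, so decode the file before passing its text in, and expect legitimate software to produce some hits that need baselining.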

Finally, according to Trend Micro, most Emotet infections occurred in Europe, particularly in Germany. Nevertheless, infections have also occurred in North America and Asia-Pacific, indicating that the threat isn't confined to one geographical area, security researchers conclude. CIO published this, July 1, 2014.

» SPAMfighter News - 7/10/2014
