Banbra.BOK, which is propagating over public IM networks, is a password stealer type trojan that monitors access to websites of certain financial institutions in order to steal passwords. The trojan then sends the password information to an email address where the information can be used without the user's knowledge.
Security firm Akonix points out that Banbra.BOK is difficult to recognize, as it does not display any messages or warnings that indicate it has reached a computer. The Akonix Security Center classified the trojan as "medium risk."
Banbra.BOK spreads via instant messaging programs after users receive an instant message with titles including Olha minha foto, containing this link: http://hometown.aol.com.(blocked)natal/fotoimagem.exe
If this link is clicked, Banbra.BOK is downloaded to the affected computer.
"These trojans, viruses and worms are becoming more insidious and discreet as hackers are using new tactics to avoid users even knowing that information is being taken from their system until it is too late," said Don Montgomery, vice president at Akonix Systems.
"This threat also seems to be taking advantage of the holiday season when many people may be accessing their online banking information more than usual as they track possible over-spending, make any year-end charitable donations or are generally looking at their finances for the past year as a review."
In order to counter the threat, organizations are advised to ensure that all desktop computers are updated with the latest security patches, and that all public IM use is appropriately blocked or managed.