Trojan targets Spanish-speaking bank customers

Nabload.U, which is distributing itself through MSN Messenger, has targeted online bank users in traditionally Spanish-speaking countries, according to PandaLabs. The virus uses social engineering techniques to get unassuming PC users to download the trojan.

Once it infects a computer, Nabload.U downloads another trojan, Banker.bsx, which captures a user's password and emails the information back to its author.

PandaLabs said the trojan is unusual because it captures passwords without the use of a traditional keylogger, thus leaving the user unaware of the breach. Banks that use virtual keyboards have not been immune from the virus.

"This trojan is an example of a hybrid virus that mixes different techniques," said Luis Corrons, PandaLabs director. "Once the user clicks on the URL, it is able to download a trojan and use techniques similar to some spyware and phishing attacks. It is, without a doubt, a trojan designed to steal data quickly, and without leaving any tracks."

Nabload.U is designed to look like a personal contact, using the words, "va esa vania http://hometown.%eliminado%.au/miralafoto/foto.exe".

Earlier this week, F-Secure warned PC users that a malicious website, http://www.msgrbeta8.com/, has claimed to distribute a leaked version of MSN's Messenger 8 program. No public version of the program exists.