Nabload.U, which is distributing itself through MSN Messenger, has targeted online bank users in traditionally Spanish-speaking countries, according to PandaLabs. The virus uses social engineering techniques to get unassuming PC users to download the trojan.
Once it infects a computer, Nabload.U downloads another trojan, Banker.bsx, which captures a user's password and emails the information back to its author.
PandaLabs said the trojan is unusual because it captures passwords without the use of a traditional keylogger, thus leaving the user unaware of the breach. Banks that use virtual keyboards have not been immune from the virus.
"This trojan is an example of a hybrid virus that mixes different techniques," said Luis Corrons, PandaLabs director. "Once the user clicks on the URL, it is able to download a trojan and use techniques similar to some spyware and phishing attacks. It is, without a doubt, a trojan designed to steal data quickly, and without leaving any tracks."
Nabload.U is designed to look like a personal contact, using the words, "va esa vania http://hometown.%eliminado%.au/miralafoto/foto.exe".
Earlier this week, F-Secure warned PC users that a malicious website, http://www.msgrbeta8.com/, has claimed to distribute a leaked version of MSN's Messenger 8 program. No public version of the program exists.
.png&h=140&w=231&c=1&s=0)
.png&w=100&c=1&s=0)
.png&w=120&c=1&s=0)
Tech in Gov 2025
Forrester's Technology & Innovation Summit APAC 2025
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Integrate Expo 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
