Trojan targets Spanish-speaking bank customers

By

A new trojan blending spyware and phishing techniques is threatening Spanish-speaking bank customers, a European security firm warned this week.

Nabload.U, which is distributing itself through MSN Messenger, has targeted online bank users in traditionally Spanish-speaking countries, according to PandaLabs. The virus uses social engineering techniques to get unassuming PC users to download the trojan.


Once it infects a computer, Nabload.U downloads another trojan, Banker.bsx, which captures a user's password and emails the information back to its author.

PandaLabs said the trojan is unusual because it captures passwords without the use of a traditional keylogger, thus leaving the user unaware of the breach. Banks that use virtual keyboards have not been immune from the virus.

"This trojan is an example of a hybrid virus that mixes different techniques," said Luis Corrons, PandaLabs director. "Once the user clicks on the URL, it is able to download a trojan and use techniques similar to some spyware and phishing attacks. It is, without a doubt, a trojan designed to steal data quickly, and without leaving any tracks."

Nabload.U is designed to look like a personal contact, using the words, "va esa vania http://hometown.%eliminado%.au/miralafoto/foto.exe".

Earlier this week, F-Secure warned PC users that a malicious website, http://www.msgrbeta8.com/, has claimed to distribute a leaked version of MSN's Messenger 8 program. No public version of the program exists.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:
bankcustomerssecuritytargetstrojan

Sponsored Whitepapers

Leverage Technologies: Industry-Tailored ERP Implementation for Growth and Compliance
Leverage Technologies: Industry-Tailored ERP Implementation for Growth and Compliance
Service Over Signatures: The Truth About No Lock-In IT
Service Over Signatures: The Truth About No Lock-In IT
Wasabi Reveals Hidden Costs and Cloud Storage Shifts in ANZ for 2025
Wasabi Reveals Hidden Costs and Cloud Storage Shifts in ANZ for 2025
Datacom + Microsoft Azure: Turn Ideas Into Impact in Just 4 Weeks
Datacom + Microsoft Azure: Turn Ideas Into Impact in Just 4 Weeks
Protect APIs. Protect Your Business.
Protect APIs. Protect Your Business.

Events

Most Read Articles

Qantas facing 'significant' data theft after cyber attack

Qantas facing 'significant' data theft after cyber attack
Home Affairs officer accessed data on "friends and associates"

Home Affairs officer accessed data on "friends and associates"
Qantas contacted by "potential cyber criminal"

Qantas contacted by "potential cyber criminal"
SA Power Networks tackles IAM, cloud security under five-year strategy

SA Power Networks tackles IAM, cloud security under five-year strategy
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?