Trojan targets Spanish-speaking bank customers

By

A new trojan blending spyware and phishing techniques is threatening Spanish-speaking bank customers, a European security firm warned this week.

Nabload.U, which is distributing itself through MSN Messenger, has targeted online bank users in traditionally Spanish-speaking countries, according to PandaLabs. The virus uses social engineering techniques to get unassuming PC users to download the trojan.


Once it infects a computer, Nabload.U downloads another trojan, Banker.bsx, which captures a user's password and emails the information back to its author.

PandaLabs said the trojan is unusual because it captures passwords without the use of a traditional keylogger, thus leaving the user unaware of the breach. Banks that use virtual keyboards have not been immune from the virus.

"This trojan is an example of a hybrid virus that mixes different techniques," said Luis Corrons, PandaLabs director. "Once the user clicks on the URL, it is able to download a trojan and use techniques similar to some spyware and phishing attacks. It is, without a doubt, a trojan designed to steal data quickly, and without leaving any tracks."

Nabload.U is designed to look like a personal contact, using the words, "va esa vania http://hometown.%eliminado%.au/miralafoto/foto.exe".

Earlier this week, F-Secure warned PC users that a malicious website, http://www.msgrbeta8.com/, has claimed to distribute a leaked version of MSN's Messenger 8 program. No public version of the program exists.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:

Most Read Articles

Qantas facing 'significant' data theft after cyber attack

Qantas facing 'significant' data theft after cyber attack

Home Affairs officer accessed data on "friends and associates"

Home Affairs officer accessed data on "friends and associates"

Qantas contacted by "potential cyber criminal"

Qantas contacted by "potential cyber criminal"

SA Power Networks tackles IAM, cloud security under five-year strategy

SA Power Networks tackles IAM, cloud security under five-year strategy

Log In

  |  Forgot your password?