The Hacker News

on Thursday, 5 September 2013
 

 

The Hacker News
The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and hackers // via fulltextrssfeed.com

Hesperbot - A New Banking Trojan that can create hidden VNC server on infected systems
9/5/2013 5:58:00 PM

Security firm ESET has discovered a new and effective banking trojan, targeting online banking users and designed to beat the mobile multi-factor authentication systems.
Hesperbot detected as Win32/Spy.Hesperbot is very identical to the infamous Zeus and SpyEye Banking Malwares and infects users in Turkey, the Czech Republic, Portugal, and the United Kingdom.
Trojan has functionalities such as keystroke logging, creation of screenshots and video capture, and setting up a remote proxy.

The attackers aim to obtain login credentials giving them access to the victim's bank account and getting them to install a mobile component of the malware on their Symbian, Blackberry or Android phone.

Some other advanced tricks are also included in this banking Trojan, such as creating a hidden VNC server on the infected system and can do network traffic interception with HTML injection capabilities.
So far, the Trojan hasn't spread too far. The campaign was first detected in the Czech Republic where the attackers had used phishing emails impersonating the country's postal service. Armed with this information, the crooks can try to log into victims' online bank accounts to siphon off their cash.

The trojan also harvests email addresses from the infected system and sends them to a remote server. It is possible that these collected addresses were also targeted by the malware-spreading campaigns.


As for the UK, a special variant of the malware has been created, but ESET said it could not provide any further detail on it.

Latest Hacking News Updates

Author details

photo of Mohit Kumar

aka 'Unix Root' is Founder and Editor-in-chief of 'The Hacker News'. He is a Security Researcher and Analyst, with experience in various aspects of Information Security. Other than this : He is an Internet Activist, Strong supporter of Anonymous & Wikileaks. Follow him @ Twitter | LinkedIn | | | Facebook Profile

 

You are receiving this email because you subscribed to this feed at feedmyinbox.com

If you no longer wish to receive these emails, you can unsubscribe from this feed, or manage all your subscriptions

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)