Malicious Code: Trojan.Silentbanker
January 22nd, 2008 Posted/Linked by Shanmuga
"The scale and sophistication of this emerging banking Trojan is worrying, even for someone who sees banking Trojans on a daily basis. This Trojan downloads a configuration file that contains the domain names of over 400 banks. Not only are the usual large American banks targeted but banks in many other countries are also targeted, including France, Spain, Ireland, the UK, Finland, Turkey—the list goes on.
The ability of this Trojan to perform man-in-the-middle attacks on valid transactions is what is most worrying. The Trojan can intercept transactions that require two-factor authentication. It can then silently change the user-entered destination bank account details to the attacker’s account details instead. Of course the Trojan ensures that the user does not notice this change by presenting the user with the details they expect to see, while all the time sending the bank the attacker’s details instead. " - Content courtesy of Symantec Security Response Weblog: Banking in Silence
If you enjoyed this post, make sure you subscribe to my RSS feed!
This entry was posted on Tuesday, January 22nd, 2008 at 11:02 am and is filed under Malware. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
January 27th, 2008 at 9:36 am
[...] bookmarks tagged malicious Malicious Code: Trojan.Silentbanker saved by 4 others HeissesKreuz bookmarked on 01/26/08 | [...]