Viruslist: Trojan-Spy.HTML.Bankfraud.jk


This Trojan program utilizes spoofing technology. It is made as a fake HTML page. It is designed to steal information from Postbank clients. It arrives as a important message alledgedly sent by PostBank. This message contains a link to the fake page; this link exploits the Frame Spoof vulnerability in Internet Explorer.

The Frame Spoof vulnerability (MS04-004) is present in Microsoft Internet Explorer v. 5.x and 6.x, and detailed in Microsoft Security Bulletin MS04-004. The document describes this vulnerability and gives recommendations on how to recognize spoofed sites. Once a user visits the fake site, and enters account details or personal information, these details are sent to a malicious remote user, who will then have access to users' account. Viruslist.com - Trojan-Spy.HTML.Bankfraud.jk

Linked by shanmuga Wednesday, 9th November 2005 10:22PM