Name: Trojan.Banker-Q
Type: Trojan
Also Known As:
TSPY_BANCOS.ASC (Trend Micro)
Banker.CDV (Panda)
Trojan-Spy.Win32.Bancos.xe (Kaspersky)
W32/Bancos.XE!tr.spy (Fortinet)
W32/Bancos.ITW (Authentium)
Trojan.Banker.Delf.DE (BitDefender)
Danger Level: 7
Category Description: Trojans are malicious applications that pose as legitimate software in order to trick users into installing them. Once on the victim's machine, a trojan may run any number of malicious processes to steal vital information or inflict damage on other software.
Comment:
Trojan.Banker-Q is a password-stealing trojan for various online services.
It is often downloaded onto the user's computer by a downloader trojan.
It steals sensitive information when a user enters login details into any of the following web sites:
http://mail.yahoo.com
https://mail.yahoo.com
barclays.co.uk
hsbc.co.uk
olb2.nationet.com
deutsche-bank.de
nwolb.com
co-operativebank.co.uk
my.if.com
smile.co.uk
cahoot.com
webbank.openplan.co.uk
anbusiness.com
mybank.alliance-leicester.co.uk
officebanking.cl
santandersantiago.cl
https://www.bbvanet.cl/bbvanet
abbeynational.co.uk
It also monitors Internet Explorer for web sites with the following strings in their titles in order to steal sensitive information:
Banco en Linea
Empresas en Linea
Documento
BBVAnet Personas
Alguno de los datos ingresados es incorrecto.
Por favor considere lo siguiente:
BBVAnet Empresas
It sends the stolen information to a remote server, but it requires Windows NT Server.