Monday, September 09 12:52:45
A new and effective banking trojan has been discovered targeting online banking users in Turkey, the Czech Republic, Portugal and the United Kingdom. It uses very credible-looking phishing-like campaigns, related to trustworthy organisations, to lure victims into running the programme.
Banking Trojans dupe an account holder to log into a duplicate of their bank's website, thereby conning them into giving up their username, password and account number, which they then use to log in.
Once someone logs into their account again, special software triggers an automatic transfer system that moves money out of the victim's account to another account within the same bank, and covers up the evidence so that neither the user nor the bank notices right away.
This very potent and sophisticated banking malware dubbed Hesperbot is spreading via phishing-like emails and also attempts to infect mobile devices running Android, Symbian and Blackberry.
ESET, the online security company who made the discovery have said the country most affected by this banking trojan is Turkey, with Hesperbot detections there dating back to even earlier than August 8. Recent peaks in activity were observed in Turkey in July 2013, but ESET has also found older samples that go back at least to April 2013.