Breaking News

Nikon releases the NIKKOR Z 24-70mm f/2.8 S II CORSAIR ONE a600 Brings Improved Cooling and Adaptive Performance in a Compact Design Speedlink setting the tone in the gaming zone be quiet! unveils new show case chassis and shows cooling innovations and peripherals at gamescom 2025 RICOH announces GR IV and GF-2 external flash

logo

  • Share Us
    • Facebook
    • Twitter
  • Home
  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map

Search form

New Trojan Targetted Banks Wordlwide

New Trojan Targetted Banks Wordlwide

Enterprise & IT Dec 19,2014 0

Researchers at Kaspersky labs have discoverd a new Trojan that targets a large number of online-banking systems: over 150 different banks and 20 payment systems in 15 countries. Banks in the UK, Spain, the US, Russia, Japan and Italy make up the majority of its potential targets, according to Kaspersky.

The researchers say that the "Chthonic" Trojan is an evolution of ZeusVM, although it has undergone a number of significant changes.

The techniques used to infect victim machines with "Trojan-Banker.Win32.Chthonic" include sending emails containing exploits or downloading the malware to victim machines.

When sending messages containing an exploit, cybercriminals attached a specially crafted RTF document, designed to exploit the CVE-2014-1761 vulnerability in Microsoft Office products. The file has a .DOC extension to make it look less suspicious.

In the event of successful vulnerability exploitation, a downloader for the Trojan was downloaded to the victim computer.

Trojan-Banker.Win32.Chthonic has a modular structure. It is able to
collect system information; steal saved passwords; initiate remote access or recording video from a web camera.

The impressive set of functions enables the malware to steal online banking credentials using a variety of techniques. In addition, VNC and cam recorder modules enable attackers to connect to the infected computer remotely and use it to carry out transactions, as well as recording video and sound if the computer has a webcam and microphone.

But Web injections are Chthonic's main weapon, according to Kaspersky . They enable the Trojan to insert its own code and images into the code of pages loaded by the browser. This enables the attackers to obtain the victim's phone number, one-time passwords and PINs, in addition to the login and password entered by the victim.

For example, for one of the Japanese banks the Trojan hides the bank's warnings and injects a script that enables the attackers to carry out various transactions using the victim's account.

The script can also display various fake windows in order to obtain the information needed by the attackers.

Kaspersky's analysis of attacks against customers of Russian banks has uncovered an unusual web injection scenario. When opening an online banking web page in the browser, the entire contents of the page is spoofed, not just parts of it as in an ordinary attack. From the technical viewpoint, the Trojan creates an iframe with a phishing copy of the website that has the same size as the original window.

Tags: trojans
Previous Post
T-Mobile to Pay $90 Million To Settle Case With FCC
Next Post
FBI Confirms North Korea Was Behind Sony Hack

Related Posts

  • Cybercriminals Use Popular TV Shows to Spread Malware

  • New Trojan Found Nested in Sofwtare From Pirate Bay

  • Android Trojan Steals Money From PayPal Accounts

  • Android Trojan Steals Passwords Sent Through Voice Calls

  • Kaspersky Discovers Trojan That Tricks CAPTCHA Into Thinking Its Human

  • Spying Program Was Stored Within Popular Hard Disk Drives

  • Regin Trojan Enables Stealthy Surveillance: Symantec

  • Microsoft Patch May be Trojan

Latest News

Nikon releases the NIKKOR Z 24-70mm f/2.8 S II
Cameras

Nikon releases the NIKKOR Z 24-70mm f/2.8 S II

CORSAIR ONE a600 Brings Improved Cooling and Adaptive Performance in a Compact Design
Cooling Systems

CORSAIR ONE a600 Brings Improved Cooling and Adaptive Performance in a Compact Design

Speedlink setting the tone in the gaming zone
PC components

Speedlink setting the tone in the gaming zone

be quiet! unveils new show case chassis and shows cooling innovations and peripherals at gamescom 2025
PC components

be quiet! unveils new show case chassis and shows cooling innovations and peripherals at gamescom 2025

RICOH announces GR IV and GF-2 external flash
Cameras

RICOH announces GR IV and GF-2 external flash

Popular Reviews

be quiet! Dark Mount Keyboard

be quiet! Dark Mount Keyboard

be quiet! Light Loop 360mm

be quiet! Light Loop 360mm

be quiet! Light Mount Keyboard

be quiet! Light Mount Keyboard

Noctua NH-D15 G2

Noctua NH-D15 G2

be quiet! Light Base 600 LX

be quiet! Light Base 600 LX

Soundpeats Pop Clip

Soundpeats Pop Clip

Terramaster F8-SSD

Terramaster F8-SSD

be quiet! Pure Base 501

be quiet! Pure Base 501

Main menu

  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map
  • About
  • Privacy
  • Contact Us
  • Promotional Opportunities @ CdrInfo.com
  • Advertise on out site
  • Submit your News to our site
  • RSS Feed