News

Trojan hearse now collecting user log-in details

Antony Savvas

Internet security researchers are warning of a new Trojan horse virus that can collect user log-in details for banking websites and other sensitive internet accounts.

The “Rootkit.hearse” Trojan has been tracked by Sana Security and other researchers, and is designed to avoid detection by anti-virus scanning technologies on users’ machines.

Sana says Rootkit.hearse is being downloaded by users at the same time as they download other types of malware from malicious websites.

The “rootkit” technology used by the Trojan allows it to hide on users’ machines and duck under the radar of existing anti-virus programs.

Sana says Rootkit.hearse can currently avoid detection from the majority of commercial anti-virus programs, although this should change as suppliers become aware of the threat.

Once an infected user visits a web page requiring log-in details, the Trojan springs into action and copies the information. This data is then sent to a remote server currently located in Russia.

Sana said this server had so far recorded the log-in details of around 35,000 users.

 


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy