Trojan hearse now collecting user log-in details


Trojan hearse now collecting user log-in details

Antony Savvas

Internet security researchers are warning of a new Trojan horse virus that can collect user log-in details for banking websites and other sensitive internet accounts.

The “Rootkit.hearse” Trojan has been tracked by Sana Security and other researchers, and is designed to avoid detection by anti-virus scanning technologies on users’ machines.

Sana says Rootkit.hearse is being downloaded by users at the same time as they download other types of malware from malicious websites.

The “rootkit” technology used by the Trojan allows it to hide on users’ machines and duck under the radar of existing anti-virus programs.

Sana says Rootkit.hearse can currently avoid detection from the majority of commercial anti-virus programs, although this should change as suppliers become aware of the threat.

Once an infected user visits a web page requiring log-in details, the Trojan springs into action and copies the information. This data is then sent to a remote server currently located in Russia.

Sana said this server had so far recorded the log-in details of around 35,000 users.


Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy