Trojan steals bank details after pretending to be Microsoft patch

A Trojan horse virus is being spread on the internet by pretending to be a Microsoft security update.

A Trojan horse virus is being spread on the internet by pretending to be a Microsoft security update.

A German language e-mail is being used to spread the Trojan horse via an attachment.

The Trojan attempts to steal passwords and log-in details of customers’ online bank accounts, and relay them back to a remote server controlled by fraudsters.

The malware is being called the Trojan-PSW.Win32.Sinowal.u by security company Kaspersky Lab, which has reported its appearance.

The Sinowal family of malware was first discovered at the end of last year, but this is a new version. It pretends to be a software patch for a new flaw in Microsoft software.

Rather than rely on known flaws in internet browsers, the latest version tries to get the user to install the Trojan by clicking on the attachment, rather than visiting a malicious website to install the rogue code.

The Sinowal Trojan is a "man-in-the-middle" malware threat. Even if a user starts a secure transaction with a bank, the Trojan can activate a pop-up window on their screen, requesting their user name and password.

If entered, this information is automatically sent to a remote server where the information can be used to carry out frauds.



Enjoy the benefits of CW+ membership, learn more and join.

Read more on IT risk management



Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:




  • Dissecting the Hack

    In this excerpt from chapter three of Dissecting the Hack: The V3RB0TEN Network, authors Jayson E. Street, Kristin Sims and Brian...

  • Digital Identity Management

    In this excerpt of Digital Identity Management, authors Maryline Laurent and Samia Bousefrane discuss principles of biometrics ...

  • Becoming a Global Chief Security Executive Officer

    In this excerpt of Becoming a Global Chief Security Executive Officer: A How to Guide for Next Generation Security Leaders, ...