News

Trojan steals bank details after pretending to be Microsoft patch

A Trojan horse virus is being spread on the internet by pretending to be a Microsoft security update.

A German language e-mail is being used to spread the Trojan horse via an attachment.

The Trojan attempts to steal passwords and log-in details of customers’ online bank accounts, and relay them back to a remote server controlled by fraudsters.

The malware is being called the Trojan-PSW.Win32.Sinowal.u by security company Kaspersky Lab, which has reported its appearance.

The Sinowal family of malware was first discovered at the end of last year, but this is a new version. It pretends to be a software patch for a new flaw in Microsoft software.

Rather than rely on known flaws in internet browsers, the latest version tries to get the user to install the Trojan by clicking on the attachment, rather than visiting a malicious website to install the rogue code.

The Sinowal Trojan is a "man-in-the-middle" malware threat. Even if a user starts a secure transaction with a bank, the Trojan can activate a pop-up window on their screen, requesting their user name and password.

If entered, this information is automatically sent to a remote server where the information can be used to carry out frauds.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy