Trojan steals bank details after pretending to be Microsoft patch


Trojan steals bank details after pretending to be Microsoft patch

Antony Savvas

A Trojan horse virus is being spread on the internet by pretending to be a Microsoft security update.

A German language e-mail is being used to spread the Trojan horse via an attachment.

The Trojan attempts to steal passwords and log-in details of customers’ online bank accounts, and relay them back to a remote server controlled by fraudsters.

The malware is being called the Trojan-PSW.Win32.Sinowal.u by security company Kaspersky Lab, which has reported its appearance.

The Sinowal family of malware was first discovered at the end of last year, but this is a new version. It pretends to be a software patch for a new flaw in Microsoft software.

Rather than rely on known flaws in internet browsers, the latest version tries to get the user to install the Trojan by clicking on the attachment, rather than visiting a malicious website to install the rogue code.

The Sinowal Trojan is a "man-in-the-middle" malware threat. Even if a user starts a secure transaction with a bank, the Trojan can activate a pop-up window on their screen, requesting their user name and password.

If entered, this information is automatically sent to a remote server where the information can be used to carry out frauds.


COMMENTS powered by Disqus  //  Commenting policy