Nabload.u is a hybrid that mixes elements of Trojan, spyware, and phishing attacks--and is aimed at online banking users in the international Hispanic community.
A Trojan horse that arrives via MSN Messenger tries to swipe Spanish speakers' online banking usernames and passwords, said Bilbao, Spain-based Panda Software Tuesday.
Panda has bumped up the Nabload.u Trojan horse infection to an "Orange" alert, which is the company's mid-level ranking.
Nabload.u is downloaded when unsuspecting users click on the URL within an instant message that arrives from an MSN Messenger contact; the Trojan downloads a second piece of malware, dubbed "Banker.bsx," to the compromised PC.
Banker.bsx monitors the machine, and steals passwords and usernames for ten online banks, including Venezolano de Credito, Banco Provincial, and Banco Universal.
"This Trojan is an example of a hybrid virus that mixes different techniques. Once the user clicks on the URL, it is able to download a Trojan and use techniques similar to some spyware and phishing attacks," said Luis Corrons, the director of Panda's research lab, in a statement. "It is designed to steal data quickly, and without leaving any tracks."
Even banks that use graphics-based techniques to protect users -- such as a clickable onscreen keyboard -- in an attempt to trick traditional keyloggers are at risk from Banker.bsx, added Corrons.
The Business of Going DigitalDigital business isn't about changing code; it's about changing what legacy sales, distribution, customer service, and product groups do in the new digital age. It's about bringing big data analytics, mobile, social, marketing automation, cloud computing, and the app economy together to launch new products and services. We're seeing new titles in this digital revolution, new responsibilities, new business models, and major shifts in technology spending.
Join InformationWeek’s Lorna Garey and Mike Healey, president of Yeoman Technology Group, an engineering and research firm focused on maximizing technology investments, to discuss the right way to go digital.