11:58 AM

Password-Stealing Trojan Snares Spanish Speakers

Nabload.u is a hybrid that mixes elements of Trojan, spyware, and phishing attacks--and is aimed at online banking users in the international Hispanic community.

A Trojan horse that arrives via MSN Messenger tries to swipe Spanish speakers' online banking usernames and passwords, said Bilbao, Spain-based Panda Software Tuesday.

Panda has bumped up the Nabload.u Trojan horse infection to an "Orange" alert, which is the company's mid-level ranking.

Nabload.u is downloaded when unsuspecting users click on the URL within an instant message that arrives from an MSN Messenger contact; the Trojan downloads a second piece of malware, dubbed "Banker.bsx," to the compromised PC.

Banker.bsx monitors the machine, and steals passwords and usernames for ten online banks, including Venezolano de Credito, Banco Provincial, and Banco Universal.

"This Trojan is an example of a hybrid virus that mixes different techniques. Once the user clicks on the URL, it is able to download a Trojan and use techniques similar to some spyware and phishing attacks," said Luis Corrons, the director of Panda's research lab, in a statement. "It is designed to steal data quickly, and without leaving any tracks."

Even banks that use graphics-based techniques to protect users -- such as a clickable onscreen keyboard -- in an attempt to trick traditional keyloggers are at risk from Banker.bsx, added Corrons.

Comment  | 
Print  | 
More Insights
Register for InformationWeek Newsletters
White Papers
Current Issue
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.