pátek 24. února 2012

TrojanSpy:Win32/Bancos.DV


Encyclopedia entry
Updated: Apr 17, 2011  |  Published: Mar 02, 2009

Aliases
  • PWS-Banker (McAfee)
  • Infostealer.Bancos (Symantec)

Alert Level (?)
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection last updated:
Definition: 1.121.332.0
Released: Feb 24, 2012
Detection initially created:
Definition: 1.51.36.0
Released: Jan 30, 2009


 

Summary

TrojanSpy:Win32/Bancos.DV is a trojan that is designed to obtain security certificates associated from online banking accounts with Bradesco Bank.


 

Symptoms

There are no common symptoms associated with this threat. Alert notifications from installed antivirus software may be the only symptom(s).


 

Technical Information (Analysis)

TrojanSpy:Win32/Bancos.DV is a trojan that is designed to obtain security certificates associated from online banking accounts with Bradesco Bank.
 
When run, Win32/Bancos.DV displays the following fake warning message asking the user to provide the location of their online banking certificate:
 
 
 
The certificate is used to authenticate a user's machine as an additional layer of security with the Bradesco online banking portal. When combined with a user's online banking credentials, these can be used to access a user's bank account. Once obtained, the certificate is sent to a remote attacker.
 
Analysis by Matt McCormack

Žádné komentáře:

Okomentovat

Poznámka: Komentáře mohou přidávat pouze členové tohoto blogu.