
Posts Tagged ‘banking trojan’
November 20th, 2013

Fallout from Nuclear Pack exploit kit highly toxic for Windows machines

In recent days, the avast! Virus Lab has observed high activity of malware distributed through exploit kits. Most of the infected sites are small websites which usually provide adult entertainment, but there was also news about one of the top 300 visited websites being infected.

The infection chains ended by dropping a final payload in the form of an executable file with a constant, uncommon name like 1SKKKKKKK.exe. After a closer look, we found that this filename is shared among aggressive malware threats: banking Trojans like Win32:Citadel, Win32:Shylock/Caphaw, Win32:Ranbyus, Win32:Spyeye; stealthy infostealers like Win32:Neurevt (a.k.a. BetaBot), Win32:Gamarue, Win32:Cridex, Win32:Fareit; and even file infectors like Win32/64:Expiro (infected dbghlp.exe).

In the last 10 days we received ~1000 unique samples with suspicious filenames, polymorphically covering ~30 malware families with many different packers. Researching infected iframes in our databases, we discovered an infection chain which leads to a payload with a strange name that looks like this:

[Image: 1skkkkk_scheme]


November 4th, 2013

A report from RSA Conference Europe 2013

In today’s world, where malware evolves and develops rapidly, sharing security information is the key element for success. Companies which ignore this fact sooner or later suffer the consequences of their bad decision. Malware researchers from all over the world regularly meet at various IT security conferences, where they learn from each other how to fight malware and how to make the IT world a safer place.

March 20th, 2013

Banker Omnia Vincit – A tale of signed Brazilian bankers

Let us present the long-term analysis of malware which was designed to steal credentials from more than 25 of the largest banking and payment systems in Brazil. The unique features of this banking malware include the usage of valid digital certificates, 3 years of evolution, and stealing credentials from e-commerce admin pages. This last feature opens doors for attackers, who can then log in to e-commerce systems and steal information about customers and their payments.

This malware family combines all of these powerful functionalities and serves as a comprehensive tool for stealing money and sensitive personal data with dangerous efficiency.

Download full whitepaper in PDF format here.

 

November 27th, 2012

avast! Internet Security Leads Secure Online Banking

Financial malware threatens our banks and the safety of our personal identity and hard-earned money. Evidence from private research suggests that most endpoint security solutions offer minimal to no protection against financial malware. However, in a new test, avast! Internet Security provided 100% protection against banking malware.
