One of the most sophisticated bot Trojans ever has been infecting machines for months,and has compromised an estimated one million PCs in an ongoing effort to pillage personal bank accounts.
Multiple variants of a Trojan dubbed "MetaFisher," a.k.a. "Spy-Agent," has been spreading for months under the proverbial radar.
"MetaFisher has compromised hundreds of thousands if not millions of accounts for financial fraud,"
The Trojan's pitched the usual way -- via spammed e-mail that includes a link -- and uses the long-patched Windows Metafile (WMF) vulnerability to silently install via a drive-by download on machines whose users simply surf to these malicious sites.
Once on a machine, the malware turns the PC into yet another "bot," or remotely-controlled computer.
MetaFisher uses HTML injection techniques to phish information from victims after they've logged into a targeted bank account, which lets attackers steal legitimate TAN numbers (one-time PINs used by some banks overseas) and passwords without having to draw them onto phony sites.
Currently, MetaFisher is targeting Spanish, British, and German banks, and their customers.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment