Trojan in an email claiming Australian Prime Minister suffers a heart attack reported
Websense has received numerous reports of a Trojan which is related to an email that has been distributed, claiming that the Australian Prime Minister had suffered a heart attack.
The email Trojan is made up of several different components. The Trojan infects the PC and spy’s on all the sites which you visit and keeps track of them, key logging everything you do. It contains a special module which it uses for phishing. At the time of this alert there were more than 2500 infected victims.
The banks affected by the Trojan are:
- Westpac (Australia)
- Kasikorn Bank (Thailand)
- Banco de Valencia (Spain)
- Commonwealth Bank (Australia)
- BBVA (Spain)
- Caja Madrid (Spain)
- Bank of America (USA)
- Unicaja (Spain)
- Wells Fargo (USA)
- Sparkasse (Germany)
- Deutsche Bank (Germany)
- Gad (Germany)
- Commerz Bank (Germany)
- Post Bank (Germany)
Alternatively, the Trojan installs a web server on the affected machine which enables the attacker to access that machine every time it is access the internet. To achieve that, he/she has a control panel where he/she can have a full list of all the infected machines including IP address, country, ports he/she can use to access the machine to using different protocols, and even a link to Google maps which will exactly point out where that IP is located.
RSS |
Permanent Link
|
Del.icio.us
|
Cosmos
|
Digg
|
|
