Computer Security Research - McAfee Avert Labs Blog

Did you ever ask yourself how long does it take to the bad guys improve their trojans when a new situation occurs?

Lets look at an actual case, involving PWS-Banker.

On June 16th, a major bank in Brazil, called Banco do Brasil, released a new internet banking website, changing everything from the old design.
This is one of the most targeted banks in Brazil, and most PWS-Bankers already had their ‘design’ inside it, to make people believe that they were on it and then type their passwords on a fake application which send to a remote email, like most PWS-Bankers.

Well, returning to our topic, I just came across to a source code repository of such PWS-Bankers, and there were plenty of files, for all Banks that it targeted, and one file in particular got my attention, it was called (translated), “New Banco do Brasil Screen.jpg”.

This file has the date of June 21st and had the brand new password screen of the new Banco do Brasil website!
So, assuming that the dates are accurate, in less than 5 days the miscreants had a new functional PWS-Banker trojan, updated to work/act as the new bank website!

My point on this, is that the miscreants are always working on something new and updated with new trends, and that’s just another reason to keep your defenses and paranoid radar always up! Well…at least thats what we do!:)

This entry was posted on Tuesday, July 3rd, 2007 at 10:50 am and is filed under Malware Research. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Updates on Malware Fields

Leave a Reply

Archives

Categories