Jump to content
Worm64

Dangerous 'Vawtrak Banking Trojan' Harvesting Passwords Worldwide

Recommended Posts

Security researcher has discovered some new features in the most dangerous Vawtrak, aka Neverquest, malware that allow it to send and receive data through encrypted favicons distributed over the secured Tor network.

The researcher, Jakub Kroustek from AVG anti-virus firm, has provided an in-depth analysis (PDF) on the new and complex set of features of the malware which is considered to be one of the most dangerous threats in existence.

Vawtrak is a sophisticated piece of malware in terms of supported features. It is capable of stealing financial information and executing transactions from the compromised computer remotely without leaving traces. The features include videos and screenshots capturing and launching man-in-the-middle attacks.

HOW VAWTRAK SPREADS ?

AVG anti-virus firm is warning users that it has discovered an ongoing campaign delivering Vawtrak to gain access to bank accounts visited by the victim and using the infamous Pony module in order to steal a wide range of victims’ login credentials.

The Vawtrak Banking Trojan spreads by using one of the three ways:

Drive-by download – spam email attachments or links to compromised sites

Malware downloader – like Zemot or Chaintor

Exploit kit – like as Angler Exploit Kit

Mai multe aici: Dangerous 'Vawtrak Banking Trojan' Harvesting Passwords Worldwide - Hacker News

Daca cineva detine sample rog pm.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...