Australia's Leading Computer Emergency Response Team

Malware with smaller targets
Date: 03 October 2008
Original URL: http://www.auscert.org.au/render.html?cid=7066&it=9923


Greetings,

This week we saw a new variant of the SilentBanker trojan. SilentBanker is a run-of-the-mill password-capturing trojan designed to steal all of your website logins, but this one has a couple of improvements. First off, it has some rootkit abilities, making it harder to spot and remove. It also has a very selective target list - instead of copying any old password, it looks at certain sites and only at particular parts of queries. Must make it nice for the writers to sift through all that captured data.

The target list is quite interesting - along with a few of the more obvious larger financial institutions, this new variant also targets a lot of smaller banks and credit unions. It may be that SilentBanker is trying to become a shrewd financial player, trying the 'low risk, low return' method of financial fraud.

Of course, there's still a bajillion other trojan keyloggers out there targeting everything from your bank to your MMO game account, so being on the lookout and thinking before opening that weird email is still on the cards.

MDB