Hesperbot – A New Banking Trojan that can create hidden VNC server on infected systems


Security firm ESET has discovered a new and effective banking trojan, targeting online banking users and designed to beat the mobile multi-factor authentication systems.

Hesperbot detected as Win32/Spy.Hesperbot is very identical to the infamous Zeus and SpyEye Banking Malwares and infects users in Turkey, the Czech Republic, Portugal, and the United Kingdom.
Trojan has functionalities such as keystroke logging, creation of screenshots and video capture, and setting up a remote proxy.

The attackers aim to obtain login credentials giving them access to the victim’s bank account and getting them to install a mobile component of the malware on their Symbian, Blackberry or Android phone.

Some other advanced tricks are also included in this banking Trojan, such as creating a hidden VNC server on the infected system and can do network traffic interception with HTML injection capabilities.
So far, the Trojan hasn’t spread too far. The campaign was first detected in the Czech Republic where the attackers had used phishing emails impersonating the country’s postal service. Armed with this information, the crooks can try to log into victims’ online bank accounts to siphon off their cash.
The trojan also harvests email addresses from the infected system and sends them to a remote server. It is possible that these collected addresses were also targeted by the malware-spreading campaigns.

As for the UK, a special variant of the malware has been created, but ESET said it could not provide any further detail on it.

 

Advertisements

4 thoughts on “Hesperbot – A New Banking Trojan that can create hidden VNC server on infected systems

  1. Pingback: Hesperbot – A New Banking Trojan that can create hidden VNC server on infected systems | Remove Your Malware

  2. Pingback: NSA can access your data on Smartphones including iPhone, BlackBerry and Android devices | Hacking with New Ideas

  3. Pingback: Remote Administration Tool Zeus BotNet –> (RAT) | Hacking with New Ideas

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s