Security researchers have discovered a new virus targeting Russian bank customers using many of the techniques employed by notorious malware such as Zeus and Carbeep.
Russian anti-virus firm Dr.Web says ‘Trojan.Bolik.1’ is a polymorphic file virus that infects 32-bit and 64-bit applications without any user intervention.
The tactics it employs to avoid detection and the amount of time it takes to remove from an infected system mean it can be particularly troublesome.
“Functions and architecture of Trojan.Bolik.1 are very sophisticated, which makes it really dangerous for Windows users,” said the researchers.
“The main purpose of Trojan.Bolik.1 is to steal confidential information,” continued the researchers. “The Trojan can execute this function by several means. For example, it controls data transmitted by Microsoft Internet Explorer, Chrome, Opera, and Mozilla Firefox to steal information entered into input forms.
“Besides, the malware program can take screenshots and perform the keylogger functions. Trojan.Bolik.1 is also able to create its own proxy server and web server for file sharing with virus makers.
“All sent and received information is encrypted with a complicated algorithm and is then compressed.”
Zeus has been targeting bank customers for a number of years. The aforementioned web injects can trick users into entering details into portions of websites they think are genuine.
How much do you know about hackers and viruses? Take our quiz!
Yanluowang ransomware hackers claim credit for compromise of Cisco's corporate network in May, while Cisco…