Security researchers have discovered a new virus targeting Russian bank customers using many of the techniques employed by notorious malware such as Zeus and Carbeep.

Russian anti-virus firm Dr.Web says ‘Trojan.Bolik.1’ is a polymorphic file virus that infects 32-bit and 64-bit applications without any user intervention.

The tactics it employs to avoid detection and the amount of time it takes to remove from an infected system mean it can be particularly troublesome.

“Functions and architecture of Trojan.Bolik.1 are very sophisticated, which makes it really dangerous for Windows users,” said the researchers.


Once present on a system, the virus checks for executable files or on connected USB devices and embeds ‘Trojan.Bolik.1’ and the information it needs to run in an encrypted format. Once an infected program is executed, the virus decrypts and runs directly in-memory. A virtual file system stores the information it needs and it borrows web injections from Zeus to steal banking details.

“The main purpose of Trojan.Bolik.1 is to steal confidential information,” continued the researchers. “The Trojan can execute this function by several means. For example, it controls data transmitted by Microsoft Internet Explorer, Chrome, Opera, and Mozilla Firefox to steal information entered into input forms.

“Besides, the malware program can take screenshots and perform the keylogger functions. Trojan.Bolik.1 is also able to create its own proxy server and web server for file sharing with virus makers.

“All sent and received information is encrypted with a complicated algorithm and is then compressed.”

Zeus has been targeting bank customers for a number of years. The aforementioned web injects can trick users into entering details into portions of websites they think are genuine.

How much do you know about hackers and viruses? Take our quiz!

Steve McCaskill

Steve McCaskill is editor of TechWeekEurope and ChannelBiz. He joined as a reporter in 2011 and covers all areas of IT, with a particular interest in telecommunications, mobile and networking, along with sports technology.

Recent Posts

Google Ordered To Pay $43m By Australian Court

Search engine Google fined $43 million by Australian court for tracking Android users location data…

1 day ago

Hacker Touts Data Sale Of 48.5m Users Of Covid App – Report

Personal data of 48.5 million Chinese citizens who used Shanghai's Covid App, is being offered…

1 day ago

Facebook Tests Default End-to-End Encryption For Messenger

Privacy move. Platform tests secure storage of people's chats on Messenger, in a move sure…

1 day ago

UK’s CMA Begins Probe Of Viasat Acquisition Of Inmarsat

British competition regulator the CMA, begins phase one investigation of $7.3 billion merger between Inmarsat…

2 days ago

Cisco Admits ‘Security Incident’ After Breach Of Corporate Network

Yanluowang ransomware hackers claim credit for compromise of Cisco's corporate network in May, while Cisco…

2 days ago

Google Seeks To Shame Apple Over RCS Refusal

Good luck convincing Tim. Google begins publicity campaign to pressure Aple into adopting the cross…

2 days ago