A new, advanced banking Trojan is infecting users in Turkey, the Czech Republic, Portugal, and the United Kingdom, according to researchers at ESET.

In a blog posted on Wednesday, the researchers warned of a Trojan called Win32/Spy.Hesperbot, which does keystroke logging and sets up a remote proxy on the end user's machine. Hesperbot also does some advanced tricks, such as creating a hidden virtual network computing (VNC) server on the end user's machine, ESET says.

The Trojan uses a very credible-looking, phishing-like campaign that appears to come from trustworthy organizations to lure its victims, ESET says. "The aim of the attackers is to obtain login credentials giving access to the victim's bank account and to get them to install a mobile component of the malware on their Symbian, Blackberry or Android phone," the blog says.

... Read full story on Dark Reading


Post a comment to the original version of this story on Dark Reading