Trojan hijacked bank account IE retrofit vulnerability entrance

San San - March 26th, according to foreign media reports, network security personnel this week found two unique Trojan program, a password can be hijacked, and another hidden in the seemingly legitimate rootkit tools. Some banks in the UK, Germany and Spain have been attacked by two kinds of Trojans called PWS and MetaFisherSpy-Agent (aka Spy-Agent).

According to foreign media reports, after the hidden Trojans invade computer, when the user is accessing a legitimate bank site, Trojans will be malicious pop-up HTML, user input one-time PINs code or digital transactions will be robbed of Trojan horse. Network security company iDefense security director Rams Martinez said that the user entered the PIN code and transaction numbers did not enter the legitimate banking website, it is still valid. He said that the invasion of hackers will retain their sensitive information to steal bank account or sell it to someone.

According to a security vendor Symantec warned that may use the IE browser in a Windows Meta File vulnerability attackers placed Trojans, malicious website may lead to adverse infection procedures, the attacker through the mail on the infected computer issue orders left and right. With malicious programs installed together with the keylogger program, you can save the user's keyboard activities.

Security Lab Sana Labs also found a Trojan horse, which uses rootkit to hide themselves. The spread of the Trojan relies on the Alcra worm to complete the Alcra command of the infected Windows PCs to a web site download program. The Trojans can be excavated on the computer before the user name and password entered. Sana said that due to the Trojan program hidden in some kernel rootkit, so some anti-virus software is difficult to find it. Sana Labs said that as of last Monday, only five kinds of security software can be found above the Trojans, they are UNA, VBA32, Sophos, NOD32 version 2 and eTrust-Vet.