Malware Targets Users of Online Banking Service

Discussion in '0-day Release' started by silversurfer, Jun 6, 2018.

  1. silversurfer

    silversurfer Malware Tester Silver Member

    After noticing a browser extension communicating with a suspicious domain, researchers analyzed the Google Chrome extension named Desbloquear Conteudo (unblock content) and found that it was a rare banker malware.

    The extension, identified as HEUR:Trojan-Banker.Script.Generic, has been removed from the Chrome Web Store. According to Vyacheslav Bogdanov, a researcher at Kaspersky Lab, the man-in-the-middle (MitM) extension for Chrome was targeting users of Brazilian online banking services with the goal of collecting user logins and passwords in order to pilfer their savings.

    MitM attacks redirect the victim’s web traffic to a spoof website. While the target is under the impression they are connected to a legitimate site, the flow of traffic to and from the real bank site is actually being redirected through an attacker's site so that the criminal can harvest the personal data they are after.
