Detected banking trojan with the integrated digital certificate

Posted: February 6, 2013 in IT Security News, Security Notices
Tags: , , ,

Banking Trojan

Banking Trojan

A malicious program disguised as a PDF-document that is sent to users via email.

The MalwareBytes company’s specialists have found banking Trojan that steals passwords, signed by a valid digital certificate issued by DigiCert.

DigiCert representatives confirm a certificate, but claim that it was issued to legally registered companies Buster Paper Comercial Ltda. Licenses are issued in accordance with the guidelines of the digital industry. With the use of certificates from DigiCert clear that they do not apply to malware. Once in DigiCert learned about the illegal activities associated with the certificate, it immediately recalled.

Detected by MalwareBytes malware disguised as a PDF-document, which is sent to the victims alleged in the letter mail and supposedly contains the invoice. As conceived by intruders, a file format will force users to open it, after which the program is installed on a PC keylogger, Steals banking credentials.

Additional elements of the Trojan downloaded to the device users from the site egnyte.com. The website administration has confirmed that one of the users are really stored in the resource malicious program, which can be shared with others. Subsequently account holder trojan was blocked, and the notification of the incident was sent to the organization of IC3, which is working with the FBI in the field of information security.

Details of theĀ  MalwareBytes report can be found here .

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s