Banbra Trojan

Original issue date: September 14, 2006

It has been reported that a Trojan is targeting users of certain online banking service that uses virtual keyboards for their online operations. The said Trojan is using new technique to capture information from the infected system rather than traditionally logging keystrokes of the keyboard while a user entering any confidential data. It captures screenshots of the area around the mouse and save it as a video file in .avi format and sends it to the malicious remote attacker. The captured information could be used to online fraud activities.

It does not spread automatically. The propagation of Trojan requires attackers involvement and transmission means could be floppy disks, CD-ROMs, email messages with attached files, Internet downloads, FTP, IRC channels, peer-to-peer (P2P) file sharing networks, etc.

In view of this new mechanism used by the Trojan to obtain confidential data from the infected user it is anticipated that other malicious code could use the same technique and may be on rise.

Users are advised to implement the following countermeasures:

• Keep update Anti-Virus Signatures.
• Apply appropriate security updates at the OS level and applications such as web browsers.
• Keep updated Anti-Spywares.

References:

http://www.pandasoftware.com/virus_info/encyclopedia
/overview.aspx?IdVirus=129127

http://www.net-security.org/virus_news.php?id=688

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Contact Information

Phone: +91-11-24368572

Postal address:
Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003