New Banking Trojan Uses Gmer


Recommended Posts

Oct20, 2009

New Banking Trojan Uses GMER

by Jessa De La Torre (Threat Response Engineer)

Brazilian banks are once again in the hotseat as a banking Trojan emerges with a new technique. This time, the cybercriminals targeting these banks are using GMER, a popular anti-rootkit application. Trend Micro detects this banking Trojan as TROJ_DLOAD.BB. Upon execution, this Trojan downloads a legitimate copy of GMER and a malicious rootkit component detected as TROJ_DAMMI.AB.

TROJ_DLOAD.BB creates a batch file that terminates the processes related to the G-Buster Browser Defense, a security program used by many Brazilian banks as protection from information theft and as protection of customers' privacy during online transactions. Without this application, the information relayed in these transactions may be exposed to malicious users and can be used for fraudulent activities later on.

Read more details at TrendLabs - http://blog.trendmicro.com/

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...