Researchers spot Nemucod in Brazil spreading banking trojans

Researchers spotted an outbreak of a new Spy.Banker variant that is similar to previous ones used by other banking trojans in South America.
Researchers spotted an outbreak of a new Spy.Banker variant that is similar to previous ones used by other banking trojans in South America.

ESET researchers spotted the Nemucod downloader used to spread banking trojans and other malware in Brazil.

On August 12, ESET researchers spotted an outbreak of a new Spy.Banker variant that is similar to previous ones used by other banking trojans in South America and that, during execution, check if the victim's system settings are in Portuguese before injecting the banker's payload, according to an Aug. 17 blog post.

The trojan is spread along with two modified versions of an unnamed popular utility software, which are used to extract usernames and passwords from popular browsers as well as credentials for local email clients, the blog said.

In order to prevent infection, researchers recommend users identify and block emails with with .EXE, *.BAT, *.CMD, *.SCR, and *.JS attachments.
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS