Malware, Threat Management

Researchers spot Nemucod in Brazil spreading banking trojans

ESET researchers spotted the Nemucod downloader used to spread banking trojans and other malware in Brazil.

On August 12, ESET researchers spotted an outbreak of a new Spy.Banker variant that is similar to previous ones used by other banking trojans in South America and that, during execution, check if the victim's system settings are in Portuguese before injecting the banker's payload, according to an Aug. 17 blog post.

The trojan is spread along with two modified versions of an unnamed popular utility software, which are used to extract usernames and passwords from popular browsers as well as credentials for local email clients, the blog said.

In order to prevent infection, researchers recommend users identify and block emails with with .EXE, *.BAT, *.CMD, *.SCR, and *.JS attachments.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.