found in descriptions under the YouTube video
The international antivirus company ESET has investigated the new family of banking Trojans Casbaneiro, which are hunting for cryptocurrency. The victims of the botnet have already become Brazilian and Mexican users.
Casbaniero is most often distributed via malicious phishing emails. The Trojan uses pop-ups and forms under the guise of a software update, credit card verification, or a request from a bank.
After infection, Casbaneiro restricts the victim’s access to various banking sites, and also monitors keystrokes and takes screenshots. In addition, the trojan monitors the clipboard, replacing the victim’s cryptocurrency wallet with the fraudster’s address.
Casbaneiro uses many complex algorithms to mask code and decrypt downloaded components.
To hide the domain and port of the central server, Casbaneiro operators hid it in fake DNS records, in Google Docs online documents, and even on fake websites of various institutions. Sometimes, attackers managed to hide the traces of the managing server on official sites as well as in YouTube video descriptions.
Earlier in October, it became known that 800 thousand Russian Android devices were infected with a virus that allowed attackers to control millions of rubles in the victims' bank accounts.
Subscribe to BlockchainJournal news on Telegram: BlockchainJournal Feed – the entire news feed, BlockchainJournal – the most important news and polls.
BlockchainJournal.news
BlockchainJournal.news
