Advanced Banking Trojan “Hesperbot” Which Can Steal Bitcoins, Has New Targets: Germany and Australia
Large Infection Waves Continue in the Czech Republic
ESET's HQ malware research lab is reporting new campaigns of the very effective banking trojan Hesperbot. As ESET previously uncovered, Hesperbot spreads through very credible-looking campaigns themed around trustworthy organizations and lures victims into running the malware. Based on research analysis and data from LiveGrid® (ESET's cloud-based malware collection system), Hesperbot has major new targets: banks and users in Germany and Australia. Meanwhile, large infection waves have continued in the Czech Republic.
The malware itself has evolved as well: ESET has now examined versions of Hesperbot that can steal bitcoins. Specifically, these versions include a module that attempts to access Bitcoin wallets that store private keys.
“With the current high value of Bitcoin, the decision to add this module is quite understandable,” says Robert Lipovsky, who heads ESET research into Hesperbot.
Some advice on how to keep your Bitcoins safe can be found on ESET's news site WeLiveSecurity.com.
This sophisticated banking malware, dubbed Hesperbot, is spreading via phishing-like emails and also attempts to infect mobile devices running Android, Symbian and Blackberry. Detected as Win32/Spy.Hesperbot, this threat features keylogger capabilities, can capture screenshots and video, and can set up a remote proxy. The attackers aim to obtain login credentials that give them access to the victim's bank account, and to get the victim to install a mobile component of the malware on their Symbian, Blackberry or Android phone.
“The Hesperbot operators are very active, causing real financial losses for banks’ customers, and it seems we still haven’t heard the last of this malware,” concludes Lipovsky.
A more detailed analysis of this malware is available in the blog post “New Hesperbot targets: Germany and Australia” at WeLiveSecurity.com, ESET’s news platform with the latest information and analysis on cyber threats and useful security tips. On WeLiveSecurity.com you will also find the previous post and an updated white paper about Hesperbot.
ESET®, the pioneer of proactive protection and the maker of the award-winning ESET NOD32® technology, is a global provider of security solutions for businesses and consumers. For over 26 years, the Company has continued to lead the industry in proactive threat detection. By obtaining the 80th VB100 award in June 2013, ESET NOD32 technology holds the record number of Virus Bulletin “VB100” Awards, and has never missed a single “In-the-Wild” worm or virus since the inception of testing in 1998. In addition, ESET NOD32 technology holds the longest consecutive string of VB100 awards of any AV vendor. ESET has also received a number of accolades from AV-Comparatives, AV-TEST and other testing organizations and reviews. ESET NOD32® Antivirus, ESET Smart Security®, ESET Cyber Security® (solution for Mac), ESET® Mobile Security and IT Security for Business are trusted by millions of global users and are among the most recommended security solutions in the world.
The Company has global headquarters in Bratislava (Slovakia), with regional distribution centers in San Diego (U.S.), Buenos Aires (Argentina), and Singapore; with offices in Jena (Germany), Prague (Czech Republic) and Sao Paulo (Brazil). ESET has malware research centers in Bratislava, San Diego, Buenos Aires, Singapore, Prague, Košice (Slovakia), Krakow (Poland), Montreal (Canada), Moscow (Russia) and an extensive partner network for more than 180 countries. More information is available via About ESET and Press Center.