ESET®, a global pioneer in IT security for more than two decades, is warning Japanese Internet banking users about a Trojan called Win32/Brolux.A. Currently spreading via a website displaying adult videos, this Trojan monitors 88 Japanese Internet banking web pages in an attempt to steal sensitive information from infected victims.
ESET researchers discovered that Brolux attempts to install on unpatched Windows computers by taking advantage of two vulnerabilities: the Flash vulnerability (CVE-2015-5119) which was leaked during the Hacking Team hack, or the unicorn bug, a critical 2014 internet Explorer vulnerability (CVE-2014-6332).
This Trojan affects Windows users and supports Explorer, FireFox and Chrome browsers. Once installed, the Trojan will wait for the user to visit a listed Japanese internet banking webpage, and if successful, will present the victim with a phishing page.
“This is yet another reminder that software used routinely should always be up to date and patched,” said Jean-Ian Boutin, Malware Researcher at ESET. “This group of cybercriminals is using phishing, a very old technique used daily against Internet users. People should be suspicious when their internet banking websites suddenly contain new content.”
The phishing page, analyzed by ESET researchers, ironically warns the victim of the dangers of crimes associated with internet banking. It requests that users fill in their sensitive information, such as registration numbers, addresses, passwords and PINs, supposedly in order for the Financial Services Agency (FSA) to provide additional security measures. Both the Public Prosecutor’s Office and the FSA have issued statements about this kind of abuse.
“Although this campaign specifically targets Japan, techniques used in Win32/Brolux are used against internet banking users in other countries every day. People should think twice before entering personal information in suspicious looking familiar pages,” concluded Boutin.
Read more about ‘Brolux banking Trojan targeting Japan; using Flash Exploit leaked via Hacking Team hack to spread’ on WeLiveSecurity.com.
About ESET
Since 1987, ESET® has been developing award-winning security software that now helps over 100 million users to Enjoy Safer Technology. Its broad security product portfolio covers all popular platforms and provides businesses and consumers around the world with the perfect balance of performance and proactive protection. The company has a global sales network covering 180 countries, and regional offices in Bratislava, San Diego, Singapore and Buenos Aires. For more information visit www.eset.com or follow us on LinkedIn, Facebook and Twitter.