ESET finds new variant of Hesperbot malware
December 20, 2013
ESET, a security firm, has detected a new variant of the Hesperbot malware, which was originally identified three months ago and has now started targeting Australian banks.
Hesperbot steals banking details with the help of keyloggers, web injects and form grabbers.
The targeted Australian banks include the National Australian Bank, the Commonwealth Bank, Westpac, St George and MyState of Tasmania.
Infected users would see a notification, crafted by the attackers and injected into the websites of Australian banks, that advised customers to install an application disguised as two-factor SMS security software.
Hesperbot grabbed customers' banking information as it was typed into websites, and employed video capture software to defeat virtual keyboards and check bank balances without logging into accounts.
Scmagazine.com.au reported on 12th December, 2013 that ESET authors Anton Cherepanov and Robert Lipovsky wrote that, although certain functionalities obviously suggest inspiration from previous banking malware, 'Hesperbot' seems to be a fresh breed of malware.
The combination of man-in-the-middle (MITM) network traffic interception, screenshot creation, keylogging, video capture sequences and a hidden Virtual Network Computing (VNC) session makes this malware a very capable malicious program.
Interestingly, the malware has evolved to such an extent that new versions of Hesperbot can steal bitcoins: they include a module which attempts to access Bitcoin wallets that store private keys.
Blog.eset.ie reported on 10th December, 2013, quoting Lipovsky as saying that, given the ongoing high value of Bitcoin, the decision to add this component is quite understandable.
Early this year, ESET had detected new malware variants which attempted to steal Bitcoins, mine Bitcoins illegally or break wallets.
Security experts suggest that, with cybercriminals drawn to Bitcoin and targeting other crypto-currencies as well, it is good to minimize the chances of infection by such malware. There are numerous malware families which perform Bitcoin mining, directly steal the contents of victims' Bitcoin wallets, or both. Hence, experts advise keeping your computer clean and uncompromised by "thinking before you click" and keeping your system, applications and anti-virus up to date.