A New and Dangerous Trojan Attack Aimed at Banks

A new variant of the Nabload Trojan, dubbed Nabload.U has been spreading rapidly. Notably, this virus does not make use of the keylogger exploit that traps the keystrokes of users in order to obtain account numbers, passwords, and other confidential information. This allows the Trojan to gather information while remaining undetected and it defeats some of the security features that have been recently added to protect access. One method of authenticating online users that's been gaining popularity in Europe is the use of a virtual keyboard. Users see a keypad on the screen and they tap their password in by clicking with the mouse on the virtual keyboard. This foils traditional key loggers. In this new exploit, even virtual keyboard entries can be compromised. In its current form the Nabload.U Trojan is aimed at compromising the financial institution passwords for accounts at ten institutions serving the Spanish-speaking community. It has been noted that this technique could be rapidly and easily adapted for attacks on other sites.

For more information, along with detection and removal information, see this Orange Alert released by Panda Software.