Monday, May 16, 2022

Hesperbot Discovered latest banking Trojan

“‘Hesperbot’ is an Entirely New Banking Malware Family With Advanced Features, Currently Targeting Users In Turkey, The Czech Republic, Portugal and the UK.” SecurityWeek states.

Researchers at ESET have revealed what they’re naming a new “Zeus-like Trojan” that’s a entirely new family and contains powerful data-stealing capabilities found in former well-established malware.

According to the researchers, the threat is targeting online banking users primarily in Turkey, The Czech Republic, Portugal and the United Kingdom.

The “Hesperbot” is detected as “Win32/Spy.Hesperbot” by ESET, the malware research firm is pegging it as a “potent banking Trojan” that features capabilities, including keystroke logging, screenshot and video capture, and even the ability to setup a remote proxy and create a hidden VNC server on the infected system.

“Analysis of the threat revealed that we were dealing with a banking trojan, with similar functionality and identical goals to the infamous Zeus and SpyEye, but significant implementation differences indicated that this is a new malware family, not a variant of a previously known Trojan,” a researcher at ESET explained in a post.

ESET states, victims in the Czech Republic have lost “significant amounts of money” at the hands of Hesperbot, but are unknown how many citizens were infected.

ESET also discovered a variant designed to target users in the United Kingdom, but did not share additional details.

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.

Check Also

New FastPOS malware targeting Point-of-Sale systems

Experts have disclosed a new category of malware, labeled “FastPOS,” that has the ability to quickly …