Site icon Liquidmatrix Security Digest

Banking Rootkits With 64-bit Support

Malicious software took a jump forward today on news from the folks at Kaspersky that there is another banking trojan making the rounds. This one in particular has support for 64 bit Windows and is being made to target Brazilian customers.

From The H Security:

The malware is injected into systems via a hole in an obsolete version of Java and first disables the Windows User Account Control (UAC) feature so that it can go about its business without being interrupted. It then installs bogus root certificates and modifies the HOSTS file in such a way that victims trying to access the banking web site are redirected to a phishing site operated by the criminals. The injected certificate prevents the browser from issuing an alert when establishing an encrypted connection to the phishing site, and the victim is left unaware.

Rootkits have also been making news in other parts of the web with the release of several platforms on Hacker News that are free to download along with the publication of the source code for the Zeus botnet.

For more on the Brazilian root kit story read on.

Article Link

(Image used under CC from Amarand Agasi)

Exit mobile version