Banking Trojan that steals from the rich

To be sure, it steals from the poor, too, but it contains a routine that automatically tries to transfer a rather large amount of money from the victim’s account to those set up by the criminals.

The Trojan in question targets customers of Banco do Brasil, one of the biggest Brazilian and Latin American bank, and its main target are the victims’ online banking login credentials.

Once it acquires that information, the Trojan tries to initiate an electronic funds transfer (called TED) that is only for transactions involving sums over 3,000 Brazilian reals. The actual sum that the Trojan attempts to transfer is of R$ 5,000 (around $3,070).

There are a number of reasons behind the Trojan’s attempt to execute this type of money transfer:

  • The highly set minimum for the transferred amount,
  • The sum in question is available at the beneficiary’s account typically just a few minutes after the initiation of the transfer
  • A TED transaction can’t be cancelled by a user once it’s confirmed.

“This threat is definitely worth keeping an eye on, as it does not only cause information theft on the affected users’ part but can also lead to immediate financial loss,” say Trend Micro researchers.

But, as one of them notes, most people in Brazil don’t have that much money in their accounts, so at least they are safe from this automated routine. Still, their login credentials get stolen, so they are likely in for a monetary loss some time in the future.




Share this