A new Trojan known as “Hesperbot” is raiding bank accounts in several countries around the world. Infected computers have reportedly popped up in Turkey, Portugal, the Czech Republic and Portugal according to security firm ESET.
Reportedly, the bank-raiding Trojan is being circulated to unsuspecting users via emails designed to look like correspondence from professional companies such as internet service providers and postal companies. Users are tricked into downloading and running the malware which comes disguised as a file with the cunning extension “.pdf.exe” which causes their computers to become infected by the Trojan.
Computers infected by Hesperbot display no outward symptoms of infection, as would be seen in a virus, but instead the Trojan logs passwords and takes screenshots before sending data to a main server. Cybercriminals than use the details accumulated by the Trojan to break into bank accounts and drain them. If is also possible to install this malware on Symbian, Blackberry and Android phones, which infects them and makes them accessible to criminals too.
So far hundreds of people are reporting being infected and scammed in Turkey, with fewer but growing numbers in the other infected countries. Security experts at ESET have confirmed that this banking malware is not based off a previously known Trojan, but is an entirely new program. To guard their bank details and keep from being effected, users are advised carefully monitor any email downloads.