Backdoor.Win32.Konus

Publication Date 05/16/2016
Class Backdoor
Platform Win32
Description

Malware in this family was first identified in July 2014. Backdoor.Win32.Konus is a banking Trojan used to steal personal data from various online services.

The malware has the following main capabilities:
• Spoofing web page content in popular browsers (Chrome, Internet Explorer, Firefox, Edge, and others)
• Stealing data entered in web forms
• Downloading and running other malware
• Hiding malware-related files and processes

The malware is similar in its functionality to another common family, Trojan-Spy.Win32.Zbot, and uses a compatible configuration file with web injects.

Geographical distribution of attacks by the Backdoor.Win32.Konus family


Geographical distribution of attacks during the period from 16 May 2015 to 16 May 2016

Top 10 countries with most attacked users (% of total attacks)

Country % of users attacked worldwide*
1 Vietnam 19.54
2 China 14.94
3 India 14.94
4 Germany 9.20
5 France 5.75
6 Spain 5.75
7 USA 5.75
8 Canada 2.30
9 Philippines 2.30
10 Russian Federation 2.30

* Percentage among all unique Kaspersky Lab users worldwide attacked by this malware