Detect Date | 06/03/2016 | |||||||||||||||||||||||||||||||||
Class | Trojan-Banker | |||||||||||||||||||||||||||||||||
Platform | Win32 | |||||||||||||||||||||||||||||||||
Description |
This malware family consists of Trojans targeted against online banking services. The malware is used by cybercriminals to steal money or account credentials from users of e-banking services. Information needed for connecting to the server of the cybercriminals is encrypted inside the executable file of the malware. Trojan-Banker.Win32.Neverquest is distributed under the MAAS (Malware As A Service) model. This means that cybercriminals rent the malware from its creators, receiving a fully ready software kit for criminal purposes. The malware collects information about the infected computer and sends it to the cybercriminals’ server. Collected information includes: Malware of this family performs the following actions: In addition, the malware can replace the content of web pages displayed in the user’s browser by using spoofed content and configuration files, which are downloaded by the malware from a server controlled by cybercriminals. Geographical distribution of attacks by the Trojan-Banker.Win32.Neverquest family
Top 10 countries with most attacked users (% of total attacks)
* Percentage among all unique Kaspersky users worldwide attacked by this malware |
|||||||||||||||||||||||||||||||||
Find out the statistics of the threats spreading in your region |