Detect Date | 06/28/2016 | |||||||||||||||||||||||||||||||||
Class | Trojan-Spy | |||||||||||||||||||||||||||||||||
Platform | Win32 | |||||||||||||||||||||||||||||||||
Description |
Trojan-Spy.Win32.Ursnif is a banking Trojan written using Microsoft Visual C++. Also known as IAP, ISFB, Gozi, Rovnix, and Papras. Information for contacting command-and-control servers is either hard-coded in the Trojan itself or generated based on the current date and system configuration. Works with 32- and 64-bit versions of Internet Explorer and Firefox, and 32-bit versions of Chrome. Main features include:
Geographical distribution of attacks by the Trojan-Spy.Win32.Ursnif familyGeographical distribution of attacks during the period from 28 June 2015 to 28 June 2016 Top 10 countries with most attacked users (% of total attacks)
* Percentage among all unique Kaspersky users worldwide attacked by this malware |
|||||||||||||||||||||||||||||||||