Evo. G Tech Team Forum
Welcome to Evo. G Tech Team Forum. We have moved to a new website : www.evogtechteam.com

Thanks you.

by Evo. G Tech Team Management.

This 20-year-old Student Has Written 100 Malware Programs in Two Years

View previous topic View next topic Go down

This 20-year-old Student Has Written 100 Malware Programs in Two Years

Post by Brada Teow on July 10th 2015, 19:52

[You must be registered and logged in to see this image.]
Security firm Trend Micro has identified a 20-year-old Brazilian college student responsible for developing and distributing over 100 Banking Trojans selling each for around US$300.
Known online as 'Lordfenix', 'Hacker's Son' and 'Filho de Hacker', the computer science student first began his career by posting in forums, asking for programming help for a Trojan he was developing, researchers said.

Developed More than 100 Trojans

However, Lordfenix has "grown quite confident in his skills" and began developing and distributing malware tailored to pilfer financial information since at least 2013.
"Based on our research, Lordfenix has created more than 100 different banking Trojans, not including his other malicious tools, since April 2013," Trend Micro [You must be registered and logged in to see this link.]"With each Trojan costing around R$1,000 (roughly $320), this young cybercriminal channeled his talent in programming into a lucrative, illegal venture."
Trend Micro has also provided an image of the hacker's Facebook wall post (given below) in which the hacker shows a considerable amount of local currency.
[You must be registered and logged in to see this image.]

Hacker is Offering Free Versions of Banking Trojans

In order to expand his operation, Lordfenix has now begun offering free versions of fully-functional Banking Trojan source code other wanna-be cyber criminals on the underground forum.

The free versions of the Trojan can be used to steal login details from customers of four different Brazilian banking websites including HSBC Brazil, Bank of Brazil, and Caixa. For access to other financial institutions, 'clients' have to pay for a more powerful tool, TSPY_BANKER.NJH.

TSPY_BANKER.NJH is a Trojan capable to identify when a user enters any of a target bank's URLs into their browser. The malware then shuts down the browser window (if it is running on Google Chrome), displays an error message, and then opens a fake Chrome window.

Once the victim enters the login details into the fake window, the information is sent back to the attackers address via email.

As an extra precaution, Lordfenix's malware also includes a software program to terminate a security process called GbpSV.exe, which is used by large number of Brazilian banks in an effort to keep their online customer data secure.

Malware Threat to Online Banking is Growing rapidly and countries like Brazil, where almost half of all financial transactions are conducted online, have come up as a boon for hackers.

Brada Teow

Posts : 19
Points : 22457
Reputation : 0
Join date : 2014-12-31
Age : 22

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

Permissions in this forum:
You cannot reply to topics in this forum