Security researchers have identified a new trojan which incorporates the popular TeamViewer remote control software to allow fraudsters to perform unauthorized online banking transactions from infected computers.
The piece of malware was discovered by experts from Group-IB while performing a forensic investigation on the systems of a defrauded Russian company.
It was subsequently analyzed by security researchers from antivirus vendor ESET who call it Win32/Sheldor.NAD. Around half of antivirus engines on Virus Total currently detect
The malware drops a backdoor component in the the Windows directory along with a TeamViewer 5 server that it runs in console mone.