 |
Windows 7: New Banking Trojan Targets All Major Browsers
|
27 Feb 2011
|
#1 | |
Windows 7 Home Premium x64 SP1 Bay Area Peninsula |
New Banking Trojan Targets All Major Browsers
Quote: Recently our e-crime unit has detected a new banking trojan, named as Tatanga, with Man in the Browser (MitB) functions affecting banks in Spain, United Kingdom, Germany and Portugal. Like SpyEye, it can perform automatic transactions, retrieving the mules from a server and spoofing the real balance and banking operations of the users. Its detection rate is very low, and the few antivirus engines that can detect it yield a generic result.
The trojan in question is rather sophisticated. It is written in C++ and uses rootkit techniques to conceal its presence, though on occasion, its files are visible. The trojan downloads a number of encrypted modules (DLLs), which are decrypted in memory when injected to the browser or other processes to avoid detection by antivirus software. Quote: Tatanga hooks into explorer.exe and can inject HTML in Internet Explorer, Mozilla Firefox, Google Chrome, Opera, Minefield (Firefox dev builds), Maxthoon, Netscape, Safari and Konqueror, basically every popular browser.
Other noteworthy features include support for 64-bit Windows, anti-VM technology, mobile OTP phishing and Trusteer Rapport evasion. Source
A Guy | My System Specs |
| OS Windows 7 Home Premium x64 SP1
CPU INTEL Core i5-750 Quad-Core 3.37GHz
Motherboard ASUS P7P55D
Memory KINGSTON 4GB (2 x 2GB) HyperX PC3-12800 DDR3 1600MHz CL8
Graphics Card MSI N240GT-MD1G/D5 GeForce GT 240 1GB 128-bit GDDR5
Monitor(s) Displays Samsung SyncMaster B2430H 24"
Screen Resolution 1920 x 1080
PSU ANTEC TruePower New TP-550, 80 PLUS, 550W
Case ANTEC Three Hundred Illusion
Cooling COOLER MASTER Hyper 212 Plus, 4 x 120mm 1 x 140mm Noctua's
Hard Drives Intel X25M Gen2 80GB, SEAGATE 500GB Barracudaź 7200.12, SATA 3 Gb/s, 7200 RPM, 16MB cache
Internet Speed 20 + Mbps
Antivirus Avast
Browser Opera
|
28 Feb 2011
|
#2 | |
Windows 7 Ultimate x64, XP Mode, W8 RP VM, Linux Mint Debian 2nd OS HD- 7 Pro x64 second case New England |
And people are duped into believing any one browser is more secure then another? Malware writers are getting a bit more sophsticated in their efforts. | | My System Specs | | OS Windows 7 Ultimate x64, XP Mode, W8 RP VM, Linux Mint Debian 2nd OS HD- 7 Pro x64 second case
CPU AMD Phenom II X4 975 Deneb 3.6ghz - 965 on new mini tower
Motherboard Gigabyte GA-790XTA-UD4
Memory Kingston Hyper X DDR3 1600 1.5v 16gb - Mushkin on 2nd build
Graphics Card MSI HD Radeon 5750 1gb - MSI HD Radeon 6450 on mini tower
Sound Card Creative Labs X-Fi XtremeGamer - Realtek onooard 2nd case
Monitor(s) Displays 2 x Acer P191W 19" widesscreen - HP 20" widescreen mini towe
Screen Resolution 1440x900 native - 1600x1024 on 7 Pro x64 build
Keyboard Microsoft Recusa Razor - MS Comfort 3000 on second build
Mouse MS Trackball Explorer - A4TECH dual scroll wheel trackball
PSU Corsair 750TX - primary / Corsair CX600 - second
Case Antec 900-2 - SSD compatible / NZXT Vulcan mini tower
Cooling Zalman CNPS9900A
Hard Drives Primary Ultimate x64 build-
WD Black Edition 1tb Sata 6.0 = 2
WD Black Edition 1tb Sata 3.0 = 2 (OS drives)
WD 1tb Green Power sata = 2 1 external
usb flash drives = 18
Second 7 Pro x64 mini tower-
WD Caviar SE 500gb sata II single drive presen
Internet Speed 30mbps upgrade - primary hard wired - mini tower usb WiFi
|
06 Mar 2011
|
#3 | |
|
Do not do any banking over the internet!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! | | My System Specs | | OS Win 7 64 premium
Other Info 7 fw, LUA, UAC on high, IE-9 w/ smartscreen on, SANDBOXIE
|
07 Mar 2011
|
#4 | |
Windows 7 Ultimate x64, XP Mode, W8 RP VM, Linux Mint Debian 2nd OS HD- 7 Pro x64 second case New England |
Besides banking people tend to order more onllne these days as ecommerce has grown tremendously over the last several years. This one is however primarily targeting the European banking system. | | My System Specs | | OS Windows 7 Ultimate x64, XP Mode, W8 RP VM, Linux Mint Debian 2nd OS HD- 7 Pro x64 second case
CPU AMD Phenom II X4 975 Deneb 3.6ghz - 965 on new mini tower
Motherboard Gigabyte GA-790XTA-UD4
Memory Kingston Hyper X DDR3 1600 1.5v 16gb - Mushkin on 2nd build
Graphics Card MSI HD Radeon 5750 1gb - MSI HD Radeon 6450 on mini tower
Sound Card Creative Labs X-Fi XtremeGamer - Realtek onooard 2nd case
Monitor(s) Displays 2 x Acer P191W 19" widesscreen - HP 20" widescreen mini towe
Screen Resolution 1440x900 native - 1600x1024 on 7 Pro x64 build
Keyboard Microsoft Recusa Razor - MS Comfort 3000 on second build
Mouse MS Trackball Explorer - A4TECH dual scroll wheel trackball
PSU Corsair 750TX - primary / Corsair CX600 - second
Case Antec 900-2 - SSD compatible / NZXT Vulcan mini tower
Cooling Zalman CNPS9900A
Hard Drives Primary Ultimate x64 build-
WD Black Edition 1tb Sata 6.0 = 2
WD Black Edition 1tb Sata 3.0 = 2 (OS drives)
WD 1tb Green Power sata = 2 1 external
usb flash drives = 18
Second 7 Pro x64 mini tower-
WD Caviar SE 500gb sata II single drive presen
Internet Speed 30mbps upgrade - primary hard wired - mini tower usb WiFi
|
07 Mar 2011
|
#5 | |
Windows 7 Ultimate x64 SP1 |
Well the situation is not that serious as you think. One needs to use logic as well while banking online. 
Quote: Originally Posted by I be he  Do not do any banking over the internet!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! | | My System Specs | | Computer type PC/Desktop
System Manufacturer/Model Number Self Hand Build
OS Windows 7 Ultimate x64 SP1
CPU AMD Phenom XII Black Edition 560
Motherboard Gigabyte GA-78LMT-USB3
Memory 4GB Corsair Vengeance DDR3
Graphics Card ATI Radeon 3100 (AMD 760G)
Sound Card ASUS Xonar DX
Monitor(s) Displays Dell SP2208WFP 22"
Screen Resolution 1680 X 1050
Keyboard Logitech
Mouse Logitech Optical/MX518.
PSU Corsair VX450
Case Corsair Carbide 400R
Cooling Stock (for the time being)
Hard Drives 250 GB Seagate.
1 TB WD Green.
Internet Speed 60 KBps (Things are different in India LOL)
Antivirus AVIRA Free Edition
Browser Firefox
Other Info Previous set-up:
E5300>E2140 @3.6 Ghz>Q6600 @ 3.8 Ghz with Thermaltake Ultima 90.
Nvidia 8600GT>8800 GT>ATI 4850>ATI 3450>ATI 5770> now ATI 3100 (onboard)
Intel DG965WH>ASUS P5B>ABIT IP35-E>Gigabyte G31-S2L> Gigabyte GA78LMT-USB3.
Corsair Value Select 2GB>Crucial Ballistix 2GB>GSkill 2GB>Corsair Vengeance 4GB.
1.3TB Hdd.
Matrix Server Chassis (with 12 Glacialtech Fans)>Coolermaster Elite 33
|
08 Mar 2011
|
#6 | |
|
Quote: Originally Posted by Rockfella Well the situation is not that serious as you think. One needs to use logic as well while banking online.
Quote: Originally Posted by I be he Do not do any banking over the internet!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! I understand what your saying, but i still disagree with your " situation is not that serious" statement. | | My System Specs | | OS Win 7 64 premium
Other Info 7 fw, LUA, UAC on high, IE-9 w/ smartscreen on, SANDBOXIE
|
09 Mar 2011
|
#7 | |
Windows 7 Ultimate x64, XP Mode, W8 RP VM, Linux Mint Debian 2nd OS HD- 7 Pro x64 second case New England |
I think what Rockfella was pointing out was that particular malware is not a serious matter for everyone but for those who could be compromised since they bank in the countries named in the report.
For banking online as a general rule however a degree of common sense would be the first thing to apply as far as taking the necessary security precautions whenever possible. Banks as a rule consult with security professionals while the average user can still be caught offguard and become a victim!
So you could say that taking security seriously when doing any online banking is the golden rule of thought. | | My System Specs | | OS Windows 7 Ultimate x64, XP Mode, W8 RP VM, Linux Mint Debian 2nd OS HD- 7 Pro x64 second case
CPU AMD Phenom II X4 975 Deneb 3.6ghz - 965 on new mini tower
Motherboard Gigabyte GA-790XTA-UD4
Memory Kingston Hyper X DDR3 1600 1.5v 16gb - Mushkin on 2nd build
Graphics Card MSI HD Radeon 5750 1gb - MSI HD Radeon 6450 on mini tower
Sound Card Creative Labs X-Fi XtremeGamer - Realtek onooard 2nd case
Monitor(s) Displays 2 x Acer P191W 19" widesscreen - HP 20" widescreen mini towe
Screen Resolution 1440x900 native - 1600x1024 on 7 Pro x64 build
Keyboard Microsoft Recusa Razor - MS Comfort 3000 on second build
Mouse MS Trackball Explorer - A4TECH dual scroll wheel trackball
PSU Corsair 750TX - primary / Corsair CX600 - second
Case Antec 900-2 - SSD compatible / NZXT Vulcan mini tower
Cooling Zalman CNPS9900A
Hard Drives Primary Ultimate x64 build-
WD Black Edition 1tb Sata 6.0 = 2
WD Black Edition 1tb Sata 3.0 = 2 (OS drives)
WD 1tb Green Power sata = 2 1 external
usb flash drives = 18
Second 7 Pro x64 mini tower-
WD Caviar SE 500gb sata II single drive presen
Internet Speed 30mbps upgrade - primary hard wired - mini tower usb WiFi
New Banking Trojan Targets All Major Browsers problems? All times are GMT -5. The time now is 10:19 AM. |  |
