Published On: Mon, Jul 14th, 2014

New malware targeting online banking customers found: eScan


eScan the benefactor of anti-virus and content security solution provider, has informed the online banking users about the latest malware named HijackRAT and Emotet. These malwares are a threat for online transactions as they steal the confidential and important information.

The malware HijackRAT steals the personal information including the banking credentials and login details of the infected users. It easily enables the hackers to have remote access to the infected device. The malware gets into the system of the user through a malicious app called Google Service Framework it is said to be one of the most advanced malware application ever discovered. This application is said to steal data and also sends SMSs to the entire contact list of the user and starts malicious app updates. Along with this it also looks for the banking applications stored on the device and replace them with the malicious ones. The researchers believe that the cyber-criminals have designed the application in order to hijack the bank.

Presently, this app is being used to target the customers of Korean banks and other financial institutions. The researchers further state that, the package name of this RAT malware is ‘com.II’ and it comes with a default Android icon.

Talking about the Emotet malware, this gets floated with the help of spam emails. The attackers send a fake banking invoice to the customers and make them believe that it is sent by the bank itself. These emails deal with money transfers or shipping invoices. These emails contain embedded links, when the user click on the links the malware gets installed in their systems.  The virus comes with a list of banking URLs mostly owned by German banks. If a user infected with Emotet visits any of the listed URLs, Emotet immediately records all the information that is transferred between the user and that website. Research indicates that Emotet can also steal personal data of the user from HTTPS banking websites protected by TLS encryption.

eScan recommends certain points that should be followed by the users at the time of online banking. The user should always use reliable anti-virus software. One should always avoid clicking on the links given in the unsolicited emails and be also avoid providing your confidential information to any unknown sites. Properly check the URLs of the websites and don’t disclose your login credentials to anyone.

About the Author

Heena Gupta

- A reader at heart, this girl loves to express through writing. Her ears perk up as soon as she senses any tech molecule in the air. With the ability to use and navigate typical technologies she becomes a complete tech enthusiast. This post graduate in Mass Communication lives in the world of gadgets. Fiction, history and cartoons keep her busy in the free time. Her urge to grow mixed with excellent writing skills forces us to have her as a part of our workforce.

  • Get Livefyre
  • FAQ

New malware targeting online banking customers found: eScan