Corkow, a Banking Trojan which has interest in Bitcoins and Android developers

By | 09:06 Leave a Comment
Security researchers at ESET have found that the infection ratio of the lesser-known Russian Banking Trojan "Corkow" is increasing.

According to WeLiveSecurity, the Corkow trojan allows attackers to use different plug-in to improve the capabilities. 

Like other trojans, it is capable of logging keystrokes, grab screen shots, web injection and form-grabbing to trick victims into handing over their financial data to cyber criminals.

In addition to the usual banking trojan features, it also allows attackers to remotely access the trojan and installs Pony- universal password stealer. 

The malware also capable of collecting browser history, list of applications installed and processes running on the infected machine. 

It appears the malware has interest on websites and softwares related to Bitcoins and systems belong to Android developers who publish apps in Google Play.

Once a system is infected, the malware's payload will be encrypted using volume serial number of C drive and behaves innocuously, if it is being executed in a separate computer from the one it initially infected in an attempt to make the malware analysis difficult.
Newer Post Older Post Home

0 comments: