As more and more users begin to use online banking, various types of malicious software are emerging. Recently, Trend Micro detected online banking malware named Emotet. It steals data by eavesdropping on network traffic.
Emotet variants are generally transmitted through spam, and the content is usually related to bank transfers or express delivery tickets.
(Figure 1. Spam sample)
(Figure 2. Spam sample)
Once you click the link in the email, an Emotet variant is secretly downloaded to the system and the files in the system will be stolen. Working as a DLL, it intercepts and records outbound network traffic. If a string matches one of the websites it has stored, the malware steals the information exchanged with that website.
(Figures 3 and 4. If you try to log on, the information you submit is obtained by the malware)
This form of data theft deserves attention because it directly harms users' personal identity data and bank information. When users perform online banking operations with no defense, their information is already in the hands of hackers.
Storing files and data in the registry can be a way to avoid detection. Compared with checking for new files, users usually do not check the registry. For the same reason, it can also be used to get past antivirus detection.
The growth of online banking malware has not stopped. Instead, new malware and new techniques keep joining it. Meanwhile, Trend Micro is investigating how this type of malware family eavesdrops on data and sends what it collects to hackers.