Utilising a new fusion of spyware and phishing techniques, a recently discovered Trojan is threatening Spanish-speaking bank customers. Nabload.U, which distributes using MSN Messenger, has made a target of online bank users in traditionally Spanish-speaking countries. Both technical and social engineering techniques have been used to get PC users to download the Trojan.
Once it infects a computer, Nabload.U downloads another trojan, Banker.bsx, which captures a user’s password and emails the information back to its author.
PandaLabs said the trojan is unusual because it captures passwords without the use of a traditional keylogger, thus leaving the user unaware of the breach. Banks that use virtual keyboards have not been immune from the virus.