Author Topic: Neverquest Banking Trojan Uses VNC, SOCKS in New Threat  (Read 30468 times)

0 Members and 1 Guest are viewing this topic.

January 31, 2014, 06:49:12 am
Read 30468 times


  • Jr. Member

  • Offline
  • **

  • 13
A new banking Trojan in the news, known as Neverquest, is active and being used to attack a number of popular banking websites. This Trojan can identify target sites by searching for specific keywords on web pages that victims are browsing. After infecting a system, the malware gives an attacker control of the infected machine with the help of a Virtual Network Computing (VNC, for remote access) and SOCKS proxy server. The Trojan targets several banking sites and steals sensitive information such as login credentials that customers enter into these websites. The Trojan also steals login information related to social networking sites (listed in the configuration file) like Twitter, and sends this information to its control server.

Details ...