Kaspersky Lab has identified a new malicious programme capable of attacking any bank in any country, the Neverquest Trojan banker, which is targeted towards user of online banking.
The Neverquest Trojan banker is claimed to bypass online banking security systems like the web injection, remote system access as well as social engineering.
According to the company, the period before Christmas and New Year holidays experiences high malicious user activity and posts regarding buying and selling databases to access bank accounts and other documents have been made since early November.
Neverquest is capable of stealing usernames and passwords to bank accounts along with the data entered by the user into the modified pages of a banking website, while the special scripts for Internet Explorer and Firefox are said to offer the malware with control of the browser connection with the cybercriminal’s command server.
The Trojan’s also has a function that helps users to recover the list of targeted banks and develop code, which can be used on new websites that were not targeted earlier
Kaspersky Lab principal security researcher Sergey Golovanov said after wrapping up several criminal cases associated with the creation and proliferation of malware used to steal bank website data, a few holes appeared on the black market.
"New malicious users are trying to fill these with new technologies and ideas," Golovanov added.
"Neverquest is just one of the threats aiming to take over the leading positions previously held by programs like ZeuS and Carberp."
The Trojan mostly targeted investment fund sites and offers clients ways to manage finances online so that the attackers could get access their accounts and use it transfer cash funds as well as play the stock market.
