Hesperbot Banking Trojan

There has been discovered a new banking trojan that seems to target online banking users mainly in Turkey, the Czech Republic, Portugal and the United Kingdom. This Hesperbot named trojan uses very credible-looking phishing-like campaigns, related to trustworthy organizations, to lure victims into running the malware.

"Despite being a “new kid on the block”, it appears that Win32/Spy.Hesperbot is a very potent banking trojan which features common functionalities, such as keystroke logging, creation of screenshots and video capture, and setting up a remote proxy, but also includes some more advanced tricks, such as creating a hidden VNC server on the infected system. And of course the banking trojan feature list wouldn’t be complete without network traffic interception and HTML injection capabilities. Win32/Spy.Hesperbot does all this in quite a sophisticated manner."

More about Hesperbot can be read in Robert Lipovsky's blog post.