ESET, the company behind the well known NOD32 anti-virus software, just announced their latest discovery : Hesperbot, a new and very effective banking trojan, that targets people who use online banking in order to gain access to their accounts.
The nasty part about this new malware is its design, which is able to circumvent the mobile multi factor authentication systems.
Hesperbot is detected as Win32/Spy.Hesperbot and its source code looks almost identical to Zeus and SpyEye Banking, two very well known trojans.
Until now, Hesperbot infected devices/users located in the UK, the Czech republic, Turkey and Portugal.
This malware is very advanced in its capabilities. It features a key logger, which records everything you’re typing and sends the data to its owner via email/sms. Also, it will capture screenshots from your device and is capable of setting up a remote proxy.
Hackers using the Hesperbot are aiming to gain access to your online bank account and for this, they must install a mobile component of the trojan on your Android running device in order to defeat the multi factor authentication system (obviously, it works on other operating systems too, not just on Android).
Hesperbot has very advanced features, like creating a “stealth” VNC server on your device or intercepting your network traffic. The malware started spreading in the Czech republic via phising emails allegedly coming from the Postal Service, obviously fakes. The trojan is able to collect all the email addresses from an infected system and use them to propagate itself further.
After a system gets infected with the malware, the hacker is able to gain access to your online bank account credentials and you can kiss your money goodbye.