x
48h OFFER
If you're already a customer of
our homeusers protection,
renew now with a 50% off
RENEW NOW
x
SPECIAL OFFER
If you're already a customer of
our homeusers protection,
renew now with a 50% off
RENEW NOW
x
HALLOWEEN OFFER
take advantage of our
terrific discounts
BUY NOW AND GET A 50% OFF
x
CHRISTMAS OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 40% OFF
x
SPECIAL OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 50% OFF
x
BLACKFRIDAY OFFER
Buy the best antivirus
at the best price
TODAY ONLY UP TO 70% OFF
x
CYBERMONDAY OFFER
Buy the best antivirus
at the best price
(Only for homeusers)
TODAY ONLY UP TO 70% OFF
Active Scan. Scan your PC free
Panda Protection

Virus Encyclopedia

Welcome to the Virus Encyclopedia of Panda Security.

Banbra.BTM

Threat LevelModerate threatDamageHighDistributionNot widespread
Common name:Banbra.BTM
Technical name:Trj/Banbra.BTM
Threat level:Low
Type:Trojan
Subtype: Password Stealer
Effects:  

It steals users' digital certificates and keys, and sends the gathered data to its author. It has been massively sent via email in a message supposedly coming from Bradesco Net Empresa.

Affected platforms:

Windows 2003/XP/2000/NT/ME/98/95

First detected on:Feb. 15, 2006
Detection updated on:Feb. 15, 2006
StatisticsNo

Brief Description 

    

Banbra.BTM is a password stealer type Trojan that is specially aimed at users of the Brazilian banking entity Bradesco Net Empresa.

This Trojan steals users' digital certificates (files with CRT extension) and keys (files with KEY extension), as well as their private key. Then it sends this information, which allows its author to access users' accounts in the said banking entity, to an email address.

Banbra.BTM has been massively sent via email in a message that passes itself off as coming from Bradesco Net Empresa.

Visible Symptoms 

    

Banbra.BTM is easy to recognize, as it shows the following symptoms:

  • It reaches the computer in a message written in Portuguese with the following characteristics:
    - Sender:
    It appears to come from the banking entity Bradesco Net Empresa.

    - Message:
    Download do Componente Certificador
    Aviso

    Prezado Cliente,

    O Bradesco Net Empresa está utilizando uma nova versão do Componente Certificador.

    Para continuar a acessar o Bradesco Net Empresa será necessário realizar o processo de download deste Componente.

    Clique aqui para realizar o download

    ATENÇÃO: Para usuários do sistema operacional Windows XP com Service Pack 2, por favor atentem ao aviso na barra amarela da parte
    superior do browser.


    - In order to pass itself off as a trustworthy message, it includes the following logos:





  • Additionally, once it has affected the computer, it displays the following image on screen, in which users are required to insert the CD-ROM or diskette where they have their bank digital certificate: