Welcome to the Virus Encyclopedia of Panda Security.
It obtains the access data to a certain Brazilian banking entity. In order to do so, when the users log in the website of such bank, it displays a website imitating the original, where confidential information is requested about their bank account. It reaches the computer in a file that has the icon of Windows Media Player.
|First detected on:||Jan. 5, 2008|
|Detection updated on:||Jan. 7, 2008|
|Yes, using TruPrevent Technologies
Banker.KDW is a password stealer type Trojan that obtains affected users' access data to a certain Brazilian banking entity.
When users log in the website of such bank, Banker.KDW opens another one where confidential information is requested, such as their account number and the numbers of their coordinate card.
If this information is entered, Banker.KDW will log it and send it via email to its author.
Besides this data, it also sends information about the users' computer such as, the computer name and, infection date and time, among others.
Banker.KDW reaches the computer in a file that has the icon of Windows Media Player. However, it does not spread automatically by its own means.
Banker.KDW is difficult to recognize, as it does not display any messages or warnings that indicate it has reached the computer.