Welcome to the Virus Encyclopedia of Panda Security.
It obtains confidential information of the user related to certain banking entities. In order to do so, it redirects users to websites that imitate the original one where they are requested to enter their passwords and data from the coordinate card. It does not spread automatically by its own means.
|First detected on:||June 1, 2008|
|Detection updated on:||June 1, 2008|
Banker.LAX is a Trojan which obtains confidential information of the user related to certain banking entities.
In order to do so, when the user visits the website of certain banks, the Trojan is activated and the user is redirected to a fake website which imitates the original one. In order to avoid the user's suspicion, it replaces the URL of the address bar with the one belonging to the original website.
The Trojan obtains all the information entered by the user. Then, it is sent to its author.
Banker.LAX does not spread automatically by its own means.
Banker.LAX is easy to recognize, as when it is run, the following message is displayed: