x
48h OFFER
If you're already a customer of
our homeusers protection,
renew now with a 50% off
RENEW NOW
x
SPECIAL OFFER
If you're already a customer of
our homeusers protection,
renew now with a 50% off
RENEW NOW
x
HALLOWEEN OFFER
take advantage of our
terrific discounts
BUY NOW AND GET A 50% OFF
x
CHRISTMAS OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 40% OFF
x
SPECIAL OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 50% OFF
x
BLACKFRIDAY OFFER
Buy the best antivirus
at the best price
TODAY ONLY UP TO 70% OFF
x
CYBERMONDAY OFFER
Buy the best antivirus
at the best price
(Only for homeusers)
TODAY ONLY UP TO 70% OFF
Active Scan. Scan your PC free
Panda Protection

Virus Encyclopedia

Welcome to the Virus Encyclopedia of Panda Security.

Banker.MBX

Threat LevelLow threatDamageHighDistributionNot widespread
Common name:Banker.MBX
Technical name:Trj/Banker.MBX
Threat level:Medium
Type:Trojan
Effects:  

It is designed to steal users' banking details belonging to a certain Brazilian banking entity. It reaches the computer in a phishing message which seems to have been sent by such banking entity.

Affected platforms:

Windows 2003/XP/2000/NT/ME/98/95

First detected on:Jan. 26, 2010
Detection updated on:Feb. 4, 2010
StatisticsNo

Brief Description 

    

Banker.MBX is a Trojan designed to steal users' banking details belonging to a certain Brazilian banking entity. In order to do so, it passes itself off as the update of a program of such banking entity necessary to continue making Internet banking movements.

Banker.MBX reaches the computer in an email message (phishing) which seems to have been sent by such Brazilian banking entity.

Visible Symptoms 

    

Banker.MBX is easy to recognize, as it reaches the computer in a phishing message that seems to have been sent by certain Brazilian banking entity. The message informs users that for security reasons they have to update the version of the online banking program before a certain date or if not the access to their account will be blocked.

It is distributed in an email message like the following:

Message in which Banker.MBX reaches the computer

This message contains a link to the update of the program. However, the link points to the download of a program that imitates the banking entity's appearance and that will require users to enter their banking data.

The icon of the downloaded file contains the name of the affected bank:

Icon of the malicious file