It steals confidential information related to a certain banking entity from Peru, redirecting users to a fake website which imitates the original one. It reaches the computer in a file with the icon of the United States flag and with the name BARACKOBAMA.EXE.

Windows 2003/XP/2000/NT/ME/98/95

Banker.LLN is a Trojan that steals confidential information related to a certain banking entity from Peru, redirecting users to a fake website which imitates the original one, in order to steal the data entered in it.

Banker.LLN does not spread automatically using its own means. It needs an attacking user's intervention in order to reach the affected computer. The means of transmission used include, among others, floppy disks, CD-ROMs, email messages with attached files, Internet downloads, FTP, IRC channels, peer-to-peer (P2P) file sharing networks, etc.

Banker.LLN is easy to recognize, as it reaches the computer in a file with the name BARACKOBAMA.EXE and the icon of the United States flag: