neverquest banking troyan


In the last few weeks we have noticed an increase in attacks of Neverquest, a new banking Trojan that has already affected thousands of computers. The increase of online purchases with the arrival of Christmas causes cyber attacks to grow considerably, in particular those who aim to steal bank or personal data.

The infection of this new Trojan is usually through classic social engineering: emails, social networking, file download that appears legal… once the malicious program is executed on the computer, it creates a DLL, whose mission is to connect remotely with a server of where it is to download files to monitor the browser of the infected system and its configuration. The DLL is registered by the system, in every restart of the system, thanks to a registry key created by the original file. At the end of these actions, the file is deleted.

The greatest danger that is presented by Neverquest, is that the phisher can change the configuration of the Trojan. This way, it can be modified each time the website is visited that they want to monitor. That is to say, with a single infection it can obtain banking data of a particular entity or transactions of a purchase online from a website, and change the settings and obtain data from other transactions.

How do I Avoid a Neverquest Attack?

As always, use common sense and avoid any link or file that looks suspicious to you.

On the other hand, there are other security measures you can take:

1. Thoroughly check the movements of your bank account to verify that the charges are known.

2. Have your operating system and antivirus software fully updated.

3. Install a good antivirus that protects your online transactions.


Panda Security detects this type of virus, and protects you against it and other variants. Thanks to the virtual keyboard and its protection for online purchases, you can surf the internet safely.

Have you been the victim of data theft or personal banking in any occasion?