Banbra.DUG is a password stealer type Trojan that monitors Internet traffic generated when users access the website belonging to certain Brazilian banking entities: Bradesco, Caixa Economica Federal, Santander Banespa and Unibanco.
When the users access any of them, it displays a false website that imitates the original one, where users are requested to log in. This way, Banbra.DUG obtains confidential user data, such as username and password.
Banbra.DUG does not spread automatically using its own means. It needs an attacking user's intervention in order to reach the affected computer. The means of transmission used include, among others, floppy disks, CD-ROMs, email messages with attached files, Internet downloads, FTP, IRC channels, peer-to-peer (P2P) file sharing networks, etc.