Welcome to the Virus Encyclopedia of Panda Security.
It obtains data from a certain Brazilian banking entity. In order to do so, when it is run, it displays a false website that imitates the legitimate one. It reaches the computer downloaded by Trj/Downloader.OPY in a file that has the icon of Internet Explorer.
|First detected on:||May 28, 2007|
|Detection updated on:||May 29, 2007|
BankFake.A is a password stealer type Trojan that obtains affected users' access data to a certain Brazilian banking entity: Caixa.
When it is run, it displays several false websites that imitate the original one, where users are requested to log in and enter their access data. Once the information is entered, BankFake.A stores it in a file and sends it to a certain email address.
BankFake.A reaches the computer downloaded by Trj/Downloader.OPY in a file that has the icon of Internet Explorer, as if it were a shortcut to a website.
BankFake.A is difficult to recognize, as it does not display any messages or warnings that indicate it has reached the computer.