Welcome to the Virus Encyclopedia of Panda Security.
It obtains the access data to different Brazilian banking entities. In order to do so, when the website of any of these services is accessed, it displays a website identical to the original and specially created by the Trojan, in order to deceive users. It reaches the computer in a file that has the icon of Windows Media Player.
|First detected on:||Dec. 29, 2007|
|Detection updated on:||Dec. 29, 2007|
|Yes, using TruPrevent Technologies
BankFake.H is a password stealer type Trojan that obtains affected users' access data to certain Brazilian banking entities.
When users access any of them, BankFake.H closes the webiste and opens another one with the image of the original file, created by the Trojan. Users follow the usual process to log in, where their banking data is requested, thinking it is the original website of the bank.
BankFake.H reaches the computer in a file that has the icon of Windows Media Player. However, it does not spread automatically by its own means.
BankFake.H is difficult to recognize, as it does not display any messages or warnings that indicate it has reached the computer.