Welcome to the Virus Encyclopedia of Panda Security.
It is designed to steal users' banking details belonging to a certain banking entity. It reaches the computer in an email message supposedly sent by the police department and which contains an attached file passing itself off as a pdf document.
|First detected on:||Oct. 1, 2009|
|Detection updated on:||Oct. 2, 2009|
|Yes, using TruPrevent Technologies
Banker.LYI is a Trojan designed to steal users' banking details belonging to a certain banking entity.
When it is run, it connects to the official website of the police in order to distract users' attention.
Banker.LYI reaches the computer in an email message that seems to have been sent from the police department and which contains an attached file passing itself off as a pdf document.
Banker.LYI is easy to recognize, as it reaches the computer in an email message written in Spanish which seems to have been sent by the police department and has the following characteristics:
- Subject: Convocatoria en la Audiencia
PROCEDIMIENTO DE INVESTIGACIN N 363134/2009
CONVOCATORIA DE ASISTENCIA EN LA AUDIENCIA del investigador procedimiento anterior, en relacin con la ltima noche de agosto 12 de 2009 se llev a cabo en el delito pblico, como se puede ver el orden que se adjunta.
Anexo: CONVOCA10-PDF (498k)
Direccin General de la Polica y de la Guardia Civil | www.policia.es
- Attachment: a file which passess itself off as a pdf file. However, it has an SCR extension.
When the attached file is run, the following site is opened, which belongs to a certain section of the official website of the police: