Welcome to the Virus Encyclopedia of Panda Security.
It is designed to steal the banking data of users when they access the website belonging to certain Brazilian banking entities. It reaches the computer in a file which once is run displays a browser window with the image of a false PayPal receipt.
|First detected on:||Nov. 25, 2009|
|Detection updated on:||Dec. 2, 2009|
|Yes, using TruPrevent Technologies
Banbra.GLS is a Trojan designed to steal the banking details that users enter when they access the website belonging to certain Brazilian banking entities. Once the information is gathered, it is sent to a certain IP address, so that its creator can access it.
Banbra.GLS does not spread automatically using its own means. It needs an attacking user's intervention in order to reach the affected computer.
Banbra.GLS is easy to recognize, as it reaches the computer in a file with the icon of a JPG file. When it is run, the Internet Explorer browser is opened and a low quality small image is displayed. It seems to be a PayPal receipt informing users that they have an unpaid bill.
The image that is displayed is the following: