Welcome to the Virus Encyclopedia of Panda Security.
It steals the banking data of users when they access the website belonging to certain banking entities. It reaches the computer in an email message in Portuguese which requires users to confirm certain data.
|First detected on:||Dec. 7, 2009|
|Detection updated on:||Dec. 22, 2009|
Banker.MAI is a Trojan designed to steal the banking details that users enter when they access the website belonging to certain banking entities.
Once a computer is infected, it sends a message to the email account of its creator.
Banker.MAI reaches the computer in an email message in Portuguese which seems to have been sent by a certain banking entity requiring users to confirm certain data.
Banker.MAI is easy to recognize, as it reaches the computer attached to an email message in Portuguese which seems to have been sent by a certain banking entity and requires users to confirm certain data.
The message has the following characteristics:
- Subject: it can be the following, among others:
Segue em anexo o comprovante de depósito em conta corrente do ressarcimento do Contrato n° 118255371, Pedimos que confira seus dados e extrato e verifique se todas as informações e valores estão corretos para confirmar nosso procedimento de em nosso sistema
Av. Brigadeiro Faria Lima, 1266 - São Paulo - SP
(11) 3345-2334 / 2235-2354
- Atachment: the message contains a self extracting RAR which contains the Trojan.