Welcome to the Virus Encyclopedia of Panda Security.
It checks if the user accesses a website belonging to a banking entity, displays a message in order to trick the user into providing confidential data and sends the gathered information to a server in the Internet. It downloads and runs a file. It is usually downloaded to the affected computer by other malware.
|First detected on:||June 23, 2005|
|Detection updated on:||June 29, 2005|
Bancos.GW is a password stealer type Trojan that entices users into providing confidential information.
In order to do so, it checks if certain websites are accessed, or certain keywords are typed, related to banking entities. If so, Bancos.GW displays a message written in Spanish that attempts to entice the affected user into providing confidential data. Then, the gathered information is sent to a server in the Internet.
Additionally, Bancos.GW attempts to download and execute a file. This executable file could be of any nature.
Bancos.GW does not automatically spread using its own means. It is usually downloaded to the affected computer by other malware.
Bancos.GW is easy to recognize once it has affected the computer, as it displays the following message on screen when the user accesses a website belonging to certain banking entities: