Eurograbber
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Threat Level: | 90 % (High) |
| Infected Computers: | 3 |
| First Seen: | December 11, 2012 |
| Last Seen: | February 18, 2022 |
| OS(es) Affected: | Windows |
The Eurograbber Virus is a dangerous banking Trojan that has made news because of a highly successful attack. According to PC security researchers, the Eurograbber Virus has been used to steal more than $47 million Euros! This is done by intercepting text messages used in two-step authentication by mobile banking customers. The Eurograbber Virus is not a brand new malware infection. It is one of the many variants of what is the current standard of banking Trojans: the Zeus Trojan (also known by its aliases Zbot and Zitmo). By stealing quantities fluctuating from a couple of hundred euros to tens of thousands, the Eurograbber Virus has managed to steal an exorbitant amount of money from unsuspecting computer users.
The initial Eurograbber Virus infection will usually come from a malicious link located in spam email messages. These will typically lead the victim to an attack website that uses Java vulnerabilities to install the Eurograbber Virus on the victim's computer. The Eurograbber Virus is designed to sit silently on the victim's computer, not causing overt symptoms that would betray its presence. When the victim uses the infected computer to connect to a banking portal, the Eurograbber Virus steals the victim's login information and uses a social engineering approach to convince the victim to enter their phone number. The addition of this crucial additional step is what has made the Eurograbber Virus so effective.
The Crucial Mobile Component of the Eurograbber Virus Attack
The mobile variant of the Zeus Trojan is known as Zitmo, which stands for 'Zeus in the Mobile'. When the web browser component of this attack captures the victim's phone number, the criminals behind this threat send a malicious SMS to that telephone number which infects the victim's phone with the Eurograbber Virus' mobile component, a variant of Zitmo. This allows criminals to bypass two step authentication, a practice used by most European banks in order to protect their customers. Basically, they send a text message with a confirmation code whenever the online banking account is accessed. By intercepting both the victim's browser and mobile phone, the Eurograbber Virus can be used to take over the victim's online banking account and make fraudulent withdrawals. The mobile component of the Eurograbber Virus does not affect the iPhone, only targeting BlackBerry and Android phones. This threat's Zeus variant will also affect computers with the Windows operating system, so Linux and Mac OS X users are safe from this particular threat.
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.