Threat Database Trojans Java/Spy.Banker.AB


By GoldSparrow in Trojans

Threat Scorecard

Threat Level: 90 % (High)
Infected Computers: 11
First Seen: March 25, 2013
Last Seen: September 4, 2022
OS(es) Affected: Windows

Java/Spy.Banker is a banking Trojan that nakes modifications to payment documents in a remote banking system BIFIT's iBank 2. Java/Spy.Banker.AB is associated with Carberp Trojan banking fraud. Java/Spy.Banker.AB circulates as an additional module 'AgentX.jar', which is dropped by Carberp. After changes made to to iBank2, by using Java/Spy.Banker.AB, the cybercriminals can control all payments made with this banking application. BIFIT's iBank2 does not check the integrity of its own code, and after changes, the remote banking application is still functioning appropriately and can make money transfers. Java/Spy.Banker.AB is able to avoid one-time password (OTP) security checks.


Most Viewed