'National Bank of Greece' Email Virus
Banking users in Greece appear to be targeted by a new tactic project online. Malware researchers refer to this new campaign as the ‘National Bank of Greece’ email virus. The end goal of the ‘National Bank of Greece’ email virus is to propagate a RAT (Remote Access Trojan) called the NanoCore RAT.
The fraudulent message in the ‘National Bank of Greece’ email virus is written in Greek entirely. The recipients of the email would be asked to open the attached file, which is presented as a document regarding a recent transaction that needs to be reviewed as soon as possible. The conmen behind the ‘National Bank of Greece’ email virus have opted to use a ‘.r11’ file as an attachment. Not many users are familiar with this filetype, so it is likely to raise a red flag. The ‘.r11’ filetype is compatible with the 7Zip and WinRAR archive services. This filetype enables the fraudsters to set up a self-extracting archive, which will execute the NanoCore RAT. The NanoCore malware would allow the attackers to:
- Deploy a keylogger that collects the keystrokes of the user.
- Plant additional threats on the host.
- Monitor the user’s activity and browsing habits.
Users who do not have a legitimate, up-to-date anti-malware suite installed may not even realize that their systems have been breached by the NanoCore RAT. Make sure your PC is protected by a trustworthy security service.