By GoldSparrow in Ransomware

Threat Scorecard

Ranking: 10,756
Threat Level: 10 % (Normal)
Infected Computers: 778
First Seen: June 26, 2014
Last Seen: September 16, 2023
OS(es) Affected: Windows

Svpeng is a Trojan infection. Svpeng combines the capabilities of a banking Trojan with ransomware infections to carry out a sophisticated attack meant to get money from inexperienced computer users. Svpeng was originally spawned as a copycat of two threat infections that were recently taken down, Gameover and CryptoLocker. Gameover is variant of the Trojan Zeus banking Trojan, whose notorious botnet was taken down recently. Cryptolocker is a particularly nasty Ransomware Trojans. Combining these two strategies, Svpeng has started to emerge, targeting computer users in the United States and the United Kingdom.

How the Svpeng Trojan Attacks Your Computer

This infection combines banking Trojan strategies with ransomware infections. Although Svpeng has been around for a long time and is one of the principal banking Trojans in Russia, this is the first time that PC security analysts have noticed Svpeng attacks outside of Russia. This redesign of the notorious threat infection is a worrying event to PC security researchers.

The currently active version of Svpeng does not collect banking passwords or credentials yet. However, PC security analysts are quite sure that Svpeng may do it eventually, because Svpeng is very closely related to a common Trojan that operates in Russian-speaking countries that are used to gather banking credentials. Malware researchers have also analyzed Svpeng's code and have observed references to Cryptor, which is used to encrypt files. In an age in which mobile devices are widely used, mobile Trojans are starting to emerge and become more sophisticated every day. Svpeng follows the release of Pletor, a similar threat infection that appeared for the first time in the wild in May of this year.

Svpeng Searches Your Phone For Bank Accounts Information

Svpeng may look through your phone in search for applications belonging to the most common banks in the United States and the United Kingdom. Then, Svpeng may try to collect login information and passwords for these banks. Svpeng may also block your mobile device, displaying a typical ransomware message from the FBI and demanding payment of $200 USD through services like MoneyPak.


Most Viewed