Nabload.U and Banker.BSX targets MSN Messenger users

The popularity of instant messengers has caught the attention of the virus writers. More viruses and worms are being discovered roaming wild online targeting the users of applications like MSN Messenger, Yahoo! Messenger, and AOL AIM. The latest warnings have been issued by security application developers Panda Software who are warning about two Trojan horses that are spread through MSN Messenger.

These new worms are more dangerous than usual as they are designed to harvest passwords to several Spanish online banking sites. The first one is named Nabload.U, which further goes on to download a second worm if a user clicks on a Spanish-language instant message in Messenger while also displaying two URLs that download a configuration file. The message comes from a person who is on the buddy list on MSN Messenger of the user.

This other Trojan Banker.BSX opens up port 1106 and waits to capture login and password information if the user visits any of 10 different Spanish banking sites. Once the malicious program picks up this information, it forwards this information in an email message. The Trojan application is smart considering it does not capture the key strokes as traditional worms did. In fact, even the virtual keyboards used as a security measure against these sorts of worms are not safe enough as per the information released by Panda.

The company also added that the presence of this worm has been discovered in Chile, Israel, Spain, Peru, and Argentina.

Popularity: 2%