New Trojan intercepts online banking information

Trojan.Silentbanker can intercept online banking transactions that normally are well guarded by two-factor authentication procedures

A new Trojan program is targeting unwitting users' bank data by intercepting account information before it is encrypted and sending it to a central attacker database.

The Trojan, dubbed Trojan.Silentbanker by security software company Symantec, can intercept online banking transactions that normally are well guarded by two-factor authentication procedures. During a banking transaction, Silentbanker will change the user's bank account details over to the attacker's account, all the while mimicking what the user would expect to see from a typical banking transaction. Because users have no idea their account data has been changed, they then unknowingly send money to the attacker's account after entering their second authentication password.

Although the Trojan.Silentbanker is listed by Symantec as having a low level of distribution and being easy to remove from infected machines, Symantec security response team member Liam O'Murchu says it still poses a danger because of its ability to work without users detecting it.

"The scale and sophistication of this emerging banking Trojan is worrying, even for someone who sees banking Trojans on a daily basis," writes O'Murchu on Symantec's security response blog. "This Trojan downloads a configuration file that contains the domain names of over 400 banks. Not only are the usual large American banks targeted but banks in many other countries are also targeted, including France, Spain, Ireland, the UK, Finland, Turkey -- the list goes on."

The Trojan can be "downloaded or delivered silently through Web exploits," according to Symantec. Once it has been loaded to a machine, it can hook onto various APIs in both Internet Explorer and Firefox. As soon as the program is in place on a Web browser, it is free to cause all kinds of mischief, including redirecting legitimate banking requests to attacker-controlled computers; altering the HTML of pages shown to the user; and recording user names and passwords, as well as capturing screenshots of any Web pages the user visits.

Additionally, says O'Murchu, the Trojan can constantly update itself, as it relays URLs and HTML from banking Web sites to the attackers on a daily basis. "Using these submissions they can target banks for which they do not have bank accounts already," he says. "We are currently monitoring all of the updates to this Trojan."

Symantec recommends users take several steps to guard themselves against this Trojan, including disabling system restore before getting rid of the virus, to ensure the system doesn't inadvertently back up a copy of the Trojan software; making sure all virus definitions are updated on their antivirus software; running a full virus scan of their machines; and finally, deleting the value from their registry.

The Silentbanker Trojan is not the first Trojan aimed at attacking bank accounts. Late last year, for instance, security firm SecureWorks discovered a botnet-controlled Trojan called the "Prg Banking Trojan" that is believed to have affected customers from more than a dozen banks in the United States, the United Kingdom, Italy and Spain.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Brad Reed

Network World
Show Comments

Cool Tech

Toys for Boys

Family Friendly

Stocking Stuffer

SmartLens - Clip on Phone Camera Lens Set of 3

Learn more >

Christmas Gift Guide

Click for more ›

Brand Post

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Aysha Strobbe

Microsoft Office 365/HP Spectre x360

Microsoft Office continues to make a student’s life that little bit easier by offering reliable, easy to use, time-saving functionality, while continuing to develop new features that further enhance what is already a formidable collection of applications

Michael Hargreaves

Microsoft Office 365/Dell XPS 15 2-in-1

I’d recommend a Dell XPS 15 2-in-1 and the new Windows 10 to anyone who needs to get serious work done (before you kick back on your couch with your favourite Netflix show.)

Maryellen Rose George

Brother PT-P750W

It’s useful for office tasks as well as pragmatic labelling of equipment and storage – just don’t get too excited and label everything in sight!

Cathy Giles

Brother MFC-L8900CDW

The Brother MFC-L8900CDW is an absolute stand out. I struggle to fault it.

Luke Hill


I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Featured Content

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?