Attention: We have transitioned to a new AAD or Microsoft Entra ID from the week of May 20, 2024. In case your tenant requires admin consent, please refer to this document located at Overview of user and admin consent - Microsoft Entra ID | Microsoft Learn and grant access to App ID: 6ba09155-cb24-475b-b24f-b4e28fc74365 with graph permissions for Directory.Read.All and User.Read for continued access. While the app may appear unverified, you can confirm its legitimacy by verifying the App ID provided.
16 entries found.
Win32/Bancos
Updated on Aug 23, 2006
Microsoft security software detects and removes this family of threats.
This family of data-stealing trojans can steal your online banking login details, such as your user names and passwords. They then send the stolen information to a malicious hacker.
They mostly target Brazilian bank customers.
Alert level:
severe
TrojanSpy:Win32/Bancos
Updated on Jun 10, 2009
Microsoft security software detects and removes this threat.
TrojanSpy:Win32/Bancos is a family of password stealing trojans that target specific online banking Web sites commonly located in Brazil.
Captured credentials may be sent to the attacker via e-mail, ftp or sent to a remote server through some other protocol depending on the variant.
Alert level:
severe
TrojanDownloader:Win32/Bancos.CQ
Updated on Oct 30, 2009
TrojanDownloader:Win32/Bancos.CQ is a trojan that downloads and installs a driver file and a rootkit detection tool ("GMER"). Both are then used to detect and remove installed components of a security application used by Brazilian banks to protect customers from Internet banking fraud.
Alert level:
severe
TrojanSpy:Win32/Bancos.gen!A
Updated on May 07, 2008
TrojanSpy:Win32/Bancos.gen!A is a password stealing trojan, that targets specific online banking web sites. Captured credentials may be sent via SMTP e-mail to a specified e-mail address.
Alert level:
severe
TrojanSpy:Win32/Vwealer.XL
Updated on Dec 11, 2008
TrojanSpy:Win32/Vwealer.XL is a trojan that may attempt to gather keystrokes and information on what windows are currently open. It may then contact a remote server to send its gathered information.
Alert level:
severe
PWS:Win32/OnLineGames.AG
Updated on Dec 17, 2008
PWS:Win32/OnLineGames.AG is a trojan designed to steal user credentials for the online payment system Paypal.
Alert level:
severe
Trojan:Win32/Banker.B
Updated on Nov 12, 2009
Trojan:Win32/Banker.B is a trojan that attempts to disable an online banking security software.
Alert level:
severe
TrojanSpy:Win32/Banker.OT
Updated on Nov 16, 2009
TrojanSpy:Win32/Banker.OT is a variant of the Win32/Banker family of data stealing trojans. It redirects Web browsing of certain online banking sites and may copy itself to removable drives.
Win32/Banker is a family of data-stealing trojans that captures banking credentials such as account numbers and passwords from computer users. It then relays the captured information to the attacker. Many Win32/Banker variants target customers of Brazilian banks while some variants target customers of other banks. Please see our detailed TrojanSpy:Win32/Banker family analysis elsewhere in this encyclopedia for additional information.
Alert level:
severe
TrojanDownloader:Win32/Banload.MS
Updated on Apr 07, 2010
TrojanDownloader:Win32/Banload.MS is a member of Win32/Banload - Microsoft's detection for a family of trojans that downloads other malware. The downloaded malware are usually members of the Win32/Banker family - trojans that steal banking credentials and other sensitive data, and send it back to a remote attacker.
Alert level:
severe
TrojanSpy:Win32/Bancos.TL
Updated on Apr 11, 2010
TrojanSpy:Win32/Bancos.TL is a trojan that modifies a compromised system in order to use an attacker specified proxy for particular Internet banking sites.
Alert level:
severe
Trojan:Win32/Killav.EA
Updated on Dec 03, 2009
Trojan:Win32/Killav.EA is a trojan that may have the capacity to terminate security-related processes, including those for antivirus programs, and monitoring or debugging tools. It is usually used by other malware families to perform their malicious actions.
Alert level:
severe