BOOKMARK THIS ALERT

  digg   |     del.icio.us   |     reddit
  newsvine   |     furl   |     technorati

Erste Securities in Poland Hosting Malicious Code

Date:09.25.2008

Threat Type: Malicious Web Site / Malicious Code

Websense® Security Labs™ ThreatSeeker™ Network has discovered that the web site of Erste Securities in Poland is hosting malicious code. Erste Securities Polska S.A. represents the Erste Bank group in Poland - one of the largest Austrian banking groups and a leading financial services provider. Erste Bank is a retail bank in Central Europe based in Vienna, Austria, and operating in Austria, Bosnia and Herzegovina, Croatia, Czech Republic, Hungary, Romania, Serbia, Slovakia, and Ukraine.

The malicious code is named foto.exe, but uses the default JPG icon on Windows XP to disguise itself from appearing as a Windows executable. Upon execution, the malware (SHA1: 0f7151400dbb7ecf5f9e7a4dc7947891) downloads a keylogger/password stealer Trojan banker, that steals personal financial information.

Screenshot of the web site's main page: 
 

Websense Messaging and Websense Web Security customers are protected against this attack.

•  Subscribe to this feed »