
Infostealer.Bancos

Risk Level 1: Very Low

Discovered: July 17, 2003
Updated: April 29, 2010 4:35:04 PM
Also Known As: New Malware.j [McAfee], PWSteal.Bancos [Symantec], Banbra.GRW [Panda Software]
Infection Length: 911,962 bytes and 258,048 bytes
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Vista, Windows XP

Infostealer.Bancos is a detection name used by Symantec to identify malicious software programs that gather confidential financial information from the compromised computer.

These Trojans vary in sophistication, but they typically attempt to run undetected on the compromised computer and collect as much personal information as possible. The information collected may include details about the computer that the Trojan is installed on and also personal online login credentials for financial institutions.

The Trojan is most often spread by way of an email containing a social engineering trick, such as a fake email from a bank asking the user to run the attached program and perform some other actions to verify their banking details. If the user complies with the request, they could reveal their account access information, which may lead to significant financial loss.

If a Symantec antivirus product displays a detection alert for this threat, it means the computer is already protected against this threat and the Symantec product will effectively remove this threat from the computer.

Antivirus Protection Dates

  • Initial Rapid Release version July 17, 2003
  • Latest Rapid Release version July 6, 2014 revision 008
  • Initial Daily Certified version July 17, 2003 revision 007
  • Latest Daily Certified version July 6, 2014 revision 020
  • Initial Weekly Certified release date July 23, 2003

Threat Assessment

Wild

  • Wild Level: Low
  • Number of Infections: 0 - 49
  • Number of Sites: 0 - 2
  • Geographical Distribution: Low
  • Threat Containment: Easy
  • Removal: Easy

Damage

  • Damage Level: Medium
  • Payload: Steals sensitive information from the compromised computer.
  • Deletes Files: May delete predetermined files.
  • Releases Confidential Info: Sends confidential financial information to a remote location.

Distribution

  • Distribution Level: Low
Writeup By: Angela Thigpen
