OREANDA-NEWS. February 6, 2012. According to Kaspersky Security Network data, over the last three months Trojan bankers have been detected on an average of 2000 unique users’ computers every day. Moreover, 780 signatures for new malicious programs that target sensitive financial information are added to Kaspersky Lab’s antivirus database on a daily basis – that is 1.1% of the total number of malware detected every day by the company’s software.

Notably, in January Kaspersky Lab experts discovered Trojan-Banker.MSIL.MultiPhishing.gen which is designed to steal account details from clients of numerous banks including Santander, HSBC Bank UK, Metro Bank, Bank of Scotland, Lloyds TSB, and Barclays.

After launching, the Trojan waits for an online banking service to start running. It then opens a window that imitates an authorization form for the respective bank. Interestingly, the Trojan allows no mistakes, checking the accuracy of the data that is entered.

The fraudsters end up obtaining confidential information that gives them full access to the victim’s bank account. It should be noted that the Trojan primarily targets users from the UK, with over 90% of the antivirus detections for this banker being recorded there.

However, Trojan bankers affect just about every corner of the globe. Brazil tops the list of countries most frequently targeted (16.9% of detections), followed by Russia (15.8%) and China (10.8%). (The distribution of Trojan banker detections can be viewed in the attached Excel file.)