A new Trojan, called Banbra.DCY, has opened a new door for cyber-crooks to steal users’ confidential data: video captures. Banbra.DCY has been specifically designed to target users of certain banks in Brazil that use virtual keyboards – clients don’t use their computer keyboards to enter their details, but click on a graphic keyboard on their screens – to carry out online operations.
When the user connects to certain online banking websites, the Trojan captures a screenshot of the area around the mouse pointer, and saves it to a video file with .avi format. These files are then sent to malicious users -without the target user knowing- in order to use them for all types of online fraud activities.
Traditional keyloggers and other Trojans designed to steal this type of data usually capture keystrokes entered by users, saving the data obtained to a text file. However, this forced attackers to make an effort to obtain the data they were looking for (login details, passwords, etc.). In this case, since Banbra.DCY records actions on video, cyber-crooks can easily identify what information is entered in what section of the form, making these attacks simpler than ever.
Additionally, it should be taken into account that, due to the new malware dynamic, in which the aim is financial profit, creators of Internet threats try to distribute their creations as discreetly as possible, and are trying to target their attacks, sending their creations to specific users, so that they go unnoticed by security companies.