Viruses exploiting bank account numbers appear
People who use online banking services should be cautious with new viruses appearing on Windows that can steal account login information.
Known as a "rootkit" on websites created for the purpose of exploiting a vulnerability in Internet Explorer to install attack code. Security experts warned that Mebroot is a dangerous virus and difficult to detect because it is hidden deep in the operating system. The program seeks to overwrite a part of the main boot area (Master Boot Record - MBR). This is the area of the hard drive that the computer first reads when power is turned on, to find the operating system parameters.
Through the blog of security firm Symatec, Mr. Elia Florio pointed out that many virus programs take over before Windows uses MBR, thus controlling the operating system. Once installed, Mebroot paves the way for other malicious programs to download, such as content-stealing software, to steal confidential information. Most of these programs are inactive until computer owners access online banking systems.
Security firm iDefense has confirmed Mebroot has been detected since December 2007, but the virus variant began operating in a series of attacks that occurred at the end of the year. From December 12, 2007 to January 7, 2008, more than 5,000 computers were recorded.
The Mebroot analysis shows that thanks to the MBR mechanism as a shelter, it is possible to re-install associated programs when they are detected and removed by antivirus software. But only a few antivirus programs can find it, and Mebroot cannot be removed while the computer is working.
Computers running Windows XP, Windows Vista, Windows Server 2003 and Windows 2000 that are not fully patched are targets that are easily controlled by this virus. The tool of the independent security firm GMER has just launched is considered to promote the function of detecting and removing information theft program introduced by Mebroot.
Anh Tu
Known as a "rootkit" on websites created for the purpose of exploiting a vulnerability in Internet Explorer to install attack code. Security experts warned that Mebroot is a dangerous virus and difficult to detect because it is hidden deep in the operating system. The program seeks to overwrite a part of the main boot area (Master Boot Record - MBR). This is the area of the hard drive that the computer first reads when power is turned on, to find the operating system parameters.
Through the blog of security firm Symatec, Mr. Elia Florio pointed out that many virus programs take over before Windows uses MBR, thus controlling the operating system. Once installed, Mebroot paves the way for other malicious programs to download, such as content-stealing software, to steal confidential information. Most of these programs are inactive until computer owners access online banking systems.

The Mebroot analysis shows that thanks to the MBR mechanism as a shelter, it is possible to re-install associated programs when they are detected and removed by antivirus software. But only a few antivirus programs can find it, and Mebroot cannot be removed while the computer is working.
Computers running Windows XP, Windows Vista, Windows Server 2003 and Windows 2000 that are not fully patched are targets that are easily controlled by this virus. The tool of the independent security firm GMER has just launched is considered to promote the function of detecting and removing information theft program introduced by Mebroot.
Anh Tu
4.5 ★ | 2 Vote
You should read it
- How to manage startup programs with Windows?
- Disable programs that start with the system on Windows
- How to remove all available applications on Windows 10?
- How to Use Add or Remove Programs in Windows XP
- OneCare Live: Microsoft's security suite
- 12 programs and Windows applications are not required you should uninstall
- How to Remove Programs from Windows with IObit Uninstaller
- Hide running Windows programs and activate windows
May be interested
- Russian Trojan targets bank accountsecureworks warned a russian criminal organization is using the gozi trojan to steal personal information by exploiting an internet explorer vulnerability.
- Shinhan Bank is good?this article will clarify the information of shinhan bank, including personal, business support services and the list of shinhan bank branches in vietnam.
- Top 10 most dangerous malware types with bank accountszeus, spyeye, ice ix or citadel are notorious malware software that can infiltrate user computers, poison and steal personal information and financial data on online bank accounts. online.
- Guide to look up savings book / savings account Vietinbank and other banks through the websitecurrently, banks have supported users to look up savings accounts online. with this application you can easily check anywhere.
- How to calculate bank loan interest rates in Mayin order to be able to carry out procedures for bank loans, borrowers need to qualify for each bank's loan and complete the necessary borrowing procedures.
- 8 mistakes that are killing your power bankdo you feel like your power bank never lasts as long as you expect? it might not be the device that's at fault.
- The new Trojan silently steals $ 1 billion from bank accountsaccording to m86 security, a new version of trojan zeus silently stole money from bank accounts around the beginning of last month.
- Instructions for sending secret messages on Zalowith the new feature that sends secret messages on zalo, your conversations will be increased security, such as phone numbers, bank account numbers, ...
- How will Viettel network customers be supported to transfer 11 numbers to 10 numbers?starting from 0:00 on september 15, the conversion of viettel subscribers from 11 numbers to 10 numbers will be done and will be completed on october 7, 2018.
- Security experts discovered that the line appropriated bank accounts, Facebook, Gmail ... very large in Vietnam, you can also be a victimmany types of accounts, from bank accounts to website administration accounts.