One fresh and extremely malicious banker Trojan has been found causing turmoil on Windows PCs as it nullifies integral security software, while allowing cyber-criminals to quietly capture the banking credentials of target users, published Securitynewsdaily.com dated December 7, 2011.
According to Fabio Assolini, researcher at Kaspersky Lab, the Trojan makes its impact on the bootloader "ntldr," provided via default. Securitynewsdaily.com reported this.. The Trojan, which has been detected as Trojan-Downloader.Win32.VB.aoff, emanated from Brazil, while it proliferates via e-mail web-links.
Indeed when an end-user follows the malevolent web-link, he could contract infection from the Trojan as the malware through the Web Services cloud of Amazon pulls down 2 malevolent files namely "xp-msclean" and "xp-msantivirus" that creep inside the computer's malicious bootloader, it being run even before the operating system is booted. Thereon, the files trigger one clandestine and calamitous scam.
...
