Tweet

A few days ago, I stumbled upon a post by a certain user in a public forum that advertised a little application developed to check the credit scores and criminal records of Brazilian citizens.

Looking at the application, I found out that it basically makes HTTP requests to public sites to get the information and to display the results. Nothing particularly malicious, right?

However, upon checking the code, I was able to locate a function called “Virus.” The said function, unsurprisingly, downloads one Bancos Trojan detected by Trend Micro as TROJ_BANKER.LEB.

This kind of instance is definitely not uncommon. I’ve seen instances wherein cybercriminals tried to deceive the users to download and use an application. What the users don’t know is that the real intention of the author is to steal bank credentials and other personally identifiable information (PII).

Users should always keep in mind that a certain level of trust should be involved when it comes to installing and utilizing applications. Any software, once installed gains access to a system. This may include access to critical user information. Thus, users should only install software that come from trusted developers or from verified sources.