A 20-year-old computer science student from Tocantins, Brazil, known online by the name of ‘Lordfenix’ and ‘Filho de Hacker’ (Portuguese for ‘Hacker’s Son’), has been revealed as the maker of more than 100 banking Trojans, each valued at over $300, by the security firm Trend Micro.
“Based on our research, Lordfenix has created more than 100 different banking Trojans, not including his other malicious tools, since April 2013. With each Trojan costing around R$1,000 (roughly US$320), this young cybercriminal channeled his talent in programming into a lucrative, illegal venture. Despite working alone and being only 20 years old, Lordfenix has managed to make his name known among his fellow criminals. His story—the young cybercriminal inflicting serious damage—is near-identical to that of the teens developing mobile ransomware in China. He is also not the first solo operator we have noted this quarter. The likes of Frapstar (Canada) and the cybercriminals behind FighterPOS (Brazil) and HawkEye (Nigeria) are all individual players using basic malware to gain profit,” the firm wrote in a blog.
The student first began experimenting with malicious code development by posting in forums, asking for programming assistance for a Trojan he was creating, but after two years days he grew quite confident in his skills and used to target banks including Banco de Brasil, Caixa, and HSBC Brasil.
One of his creations is known as TSPY_BANKER.NJH, a powerful Trojan which can identify when a user types any of a target bank’s URLs. The malware then closes the current browser window – if the user is running Google Chrome – before displaying an error message and opening a fake window. The moment the user inputs his details into the bogus window, the information is sent back to the attacker through email. The malware also terminates a security process called GbpSV.exe, which is used by many Brazilian banks to keep customer data safe through online transactions.
Get Your Anonymous T-Shirt / Sweatshirt / Hoodie / Tanktop, Smartphone or Tablet Cover or Mug In Our Spreadshirt Shop! Click Here
This Article (Malware King, Maker of 100 Banking Trojans, Is A Brazilian Student) is free and open source. You have permission to republish this article under a Creative Commons license with attribution to the author and AnonHQ.com.
“The student first began experimenting with malicious code development by posting in forums, asking for programming assistance for a Trojan he was creating, but after two years days he grew quite confident in his skills and used to target banks including Banco de Brasil, Caixa, and HSBC Brasil.”
Paragraphs like this make me question the validity of some of these articles. Nearly every article I’ve read has some sort of glaring type error. Was it two years or days??? Lol
I hear ya, pathetic.
Looking into it , thank you too