A 20-year-old Brazilian kid has been revealed as the maker of more than 100 banking trojans by the security firm Trend Micro. He is known online by the name of ‘Lordfenix’, ‘Filho de Hacker’ and ‘Hacker’s Son.’
He is a computer science student who earned this money between April 2013 and targeted banks like Bank of Brazil, HSBC Brazil and Caixa. He began his career by asking for hacking advice in forums and today he is found offering free version of highly-efficient banking Trojan source code to the forum members in the underground world.
One of the Trojans detected called TSPY_BANKER.NJH identifies and wakes up when a user enters its target banks’ URL. Then it closes the active browser window and displays an error message to open a new fake browser windows. This is so smooth and unnoticeable that user doesn’t have a clue.
Now the user enters the login username and password in the fake window and the trojan sends back the information to the attacker. For more protection, the trojan terminates the process GbpSV.exe associated with the popular security software G-Buster Browser Defense, a security program used by many Brazilian banks.
Lordfenix claims that these free versions can steal credentials of bank customers of four different banks. On the other hand, the paid $300 versions target more banks using the tricks to disable the popular security software popular in Brazil. The security company has posted a picture of programmer’s Facebook page that shows a big pile of local currency on his bed.
Apart from his expertise in this area, the other factors that helped Lordfenix were the facts that more than half-population of Brazil uses internet for transaction and dealing with digital crime isn’t a top priority in the country.
Did you like this story about the 20-year-old Trojan King? Tell us in comments.
Image: David Goehring/Flickr
For more updates and interesting stories from fossBytes, subscribe to our newsletter. [newsletter_signup_form id=1]