Student created more than 100 Trojans within two years
Over this week Trend Micro published an article about Lordfenix a 20-year-old college student created more than 100 Trojans. This is a relatively big number especially when we know that the malwares were designed to steal users financial information. The malware writer is originally from Brazil and each malware he create can be sold for 300USD.
Lordfenix was firstly traced on a forum where he was asking for assistance to develop the malicious code. on this forum he was using another nickname Filho de Hakcer. After a while he posted some picture on Facebook with the money he make from this activity:
One of the malwares created is TSPY_BANKER.NJH this Trojan will verify the URL typed on victim system to find the bank used. next it will make the browser crash and display an error message to open a fake browser window. When victim submit the banking credential in the fake window they are going to be sent to attacker email. The malware also terminates GbpSV.exe G-Buster Browser Defense process which used by Brazilian banks for secure online transactions.
The malware will target widely used banks in Brazil such as Banco de Brasil, Caixa and HSBC Brasil. According to Trend Micro Lordfenix is not developing malwares anymore and he have started his own little enterprise and offers his malwares for free.