In December 2014, a new version of the infamous Trojan horse Zues called Chthonic has been detected. The new Trojan horse targets online banking systems and their customers in an attempt to gather highly sensitive information, including passwords, PINs, phone numbers, and any other login information used by the victim. The Chthonic Trojan, also known as Trojan-Banker.Win32. Chthonic, has already affected over 150 banks and 20 banking systems in 15 countries. The biggest numbers of victims are registered in the UK, Spain, Russia, Spain, the US, Japan, and Italy.
The Chthonic Trojan spreads over the Internet via email attachments carrying the .DOC extension. Once executed, the file attached exploits the CVE-2014-1761 vulnerability in Microsoft Office products. As a result, malicious code responsible for the illegal actions on the victim’s computer is downloaded and injected into the msiexex.exe process. The removal of this highly dangerous infection is a must, and, if you suspect that some malicious program is running on your computer, you should not hesitate to implement a reputable malware and spyware removal program.
Upon the installation of the Trojan Chthonic, attackers can connect to the compromised computer remotely. Most important, Chthonic injects its code and images into bank websites, which enables the attackers behind the threat to collect information about the victim. It has been found that the malware is also capable of recording keystrokes, video and sound, the latter of which is done if a web camera and Microsoft are plugged in the computer.
Additionally, in Japan the malware has enabled the attackers to carry out money transactions using the victim’s bank account, while in Russia the users of affected banks have been greeted by a completely fraudulent web page, which has been achieved by creating an iframe with a copy of the website.
Luckily, many banks alerted about the issue have already changed the structure of their websites in order to prevent damage. However, not only banks but computer users should take some preventive measures to avoid data and money loss. It is highly advisable to keep the system protected against different types of malware, because you do not know when then your operating system and Internet browsers can be compromised.
Chthonic is a highly complex infection, and, if you have never dealt with malware and have no knowledge of how remove it manually, do not try this in this case. Instead of trying to manually remove any unreliable program, rely on a program that can do that for you. We recommend that you remove Chthonic using SpyHunter, which thoroughly examines the system and provides you with detailed information about detections.