Targeting financial institutions, victims can serve as drones even after cleaning.
An Article Review.
Our friend Wes Pollard at Home Bank submitted this new malware alert to us and because it targets banking institutions specifically we thought we’d share it with you as well.
Dubbed Pinkslipbot, the malware uses a variety of methods to harvest bank account credentials from victims, and reconfigures system firewalls to make infected machines act as proxies for its command and control servers. Even after Pinkslipbot itself has been cleaned from a system systems may still remain configured to redirect traffic, allowing them to continue relaying commands to other infected machines.
For those concerned about infection, McAfee is offering a free tool that can reset Pinkslipbot’s network configuration changes, in addition to cleaning the infection itself.
Original article by Danny Palmer writing for ZDNet.