Cyber attackers have been using a new malware trojan called "Hesperbot" to steal banking users’ login details.

The malware captures key strokes, screenshots and videos from the screens of the victims in the Czech Republic, Turkey, Portugal and the United Kingdom.

Hesperbot is spread by phishing emails which seem to be invoices, and attempts to infect mobile devices running Android, Symbian and Blackberry operating systems.

The attackers aim to obtain login details by sending emails seeming to originate from credible organizations. Once they have obtained access to the victim’s bank account, they try to install a mobile component of the malware on their smartphone.

Robert Lipovsky, malware researcher for anti-virus software provider ESET, said: "Analysis of the threat revealed that we were dealing with a banking trojan, with similar functionality and identical goals to the infamous Zeus and SpyEye. But significant implementation differences indicated that this is a new malware family, not a variant of a previously known trojan."

It was first detected in Turkey in early July.


Related articles

UK online banking fraud rises

Commerzbank launches photoTAN to combat online fraud

UK’s FCA to review m-banking security