{"id":6366,"date":"2017-01-25T12:12:46","date_gmt":"2017-01-25T20:12:46","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/01\/25\/news-204\/"},"modified":"2017-01-25T12:12:46","modified_gmt":"2017-01-25T20:12:46","slug":"news-204","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2017\/01\/25\/news-204\/","title":{"rendered":"Spanish police nab suspect behind Neverquest banking malware"},"content":{"rendered":"<p><img decoding=\"async\" src=\"http:\/\/zapt0.staticworld.net\/images\/article\/2017\/01\/screen-shot-2017-01-20-at-10.36.38-am-100704917-large.3x2.jpg\"\/><\/p>\n<p> Spanish police have arrested a Russian programmer suspected of developing the Neverquest banking Trojan, a malware targeting financial institutions across the world. <\/p>\n<p> The 32-year-old Russian citizen known as Lisov SV was arrested at the Barcelona airport, Spain&#8217;s law enforcement agency Guardia Civil said on Friday. <\/p>\n<p> The FBI had been working with Spanish authorities to track down the suspect through an international arrest warrant, according to a <a target=\"_blank\" href=\"http:\/\/www.guardiacivil.es\/es\/prensa\/noticias\/6075.html\">statement<\/a> from the agency. The FBI, however, declined to comment on the man&#8217;s arrest. <\/p>\n<p> <a href=\"http:\/\/www.computerworld.com\/article\/2486307\/data-center\/-neverquest--trojan-threatens-online-banking-users.html\">Neverquest<\/a> is designed to steal username and password information from banking customers. Once it infects a PC, the malware can do this by injecting fake online forms into legitimate banking websites\u00a0to log any information typed in. It can also take screenshots\u00a0and video from the PC&#8217;s desktop and steal any passwords stored locally. <\/p>\n<p> Once the credentials are stolen, Neverquest can use the infected PC to secretly log back into the customer&#8217;s online banking account. 
It can then access the victim&#8217;s funds and transfer the money out.\u00a0 <\/p>\n<p> In 2013, antivirus vendor Kaspersky Lab discovered the malware being advertised in black market forums. It&#8217;s since been found <a target=\"_blank\" href=\"http:\/\/www.csoonline.com\/article\/2910329\/malware-cybercrime\/banking-malware-using-a-variety-of-tricks-to-evade-detection.html\">preying<\/a> on the banking sites of 100 to 200 financial institutions, and it has built-in features that make it hard for security researchers to track.\u00a0 <\/p>\n<p> On Friday, Spanish authorities said the malware has caused victims financial losses of about US$5 million. Lisov is suspected of creating Neverquest\u00a0and then using servers to administer the malware. <\/p>\n<p> One such server contained files with millions of stolen login credentials from financial website accounts. <\/p>\n<p> The arrested suspect\u2019s full name is Stanislav Lisov, according to Russian news agency TASS, and he was arrested on Jan. 13. Russian diplomats have sent a request to Spanish authorities to learn more about the charges against Lisov. <\/p>\n<p> If Lisov is indeed behind Neverquest, his arrest may stop or slow down the malware&#8217;s spread.\u00a0Last August, IBM Security\u00a0<a target=\"_blank\" href=\"https:\/\/securityintelligence.com\/goznyms-euro-trip-launching-redirection-attacks-in-germany\/\">said<\/a>\u00a0Neverquest was the most active financial malware in the world. 
<\/p>\n<p><a href=\"http:\/\/www.computerworld.com\/article\/3160025\/security\/spanish-police-nab-suspect-behind-neverquest-banking-malware.html#tk.rss_security\" target=\"bwo\" >http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><img decoding=\"async\" src=\"http:\/\/zapt0.staticworld.net\/images\/article\/2017\/01\/screen-shot-2017-01-20-at-10.36.38-am-100704917-large.3x2.jpg\"\/><\/p>\n<article>\n<section class=\"page\">\n<p> Spanish police have arrested a Russian programmer suspected of developing the Neverquest banking Trojan, a malware targeting financial institutions across the world.<\/p>\n<p> The 32-year-old Russian citizen known as Lisov SV was arrested at the Barcelona airport, Spain&#8217;s law enforcement agency Guardia Civil said on Friday.<\/p>\n<p> The FBI had been working with Spanish authorities to track down the suspect through an international arrest warrant, according to a <a target=\"_blank\" href=\"http:\/\/www.guardiacivil.es\/es\/prensa\/noticias\/6075.html\">statement<\/a> from the agency. The FBI, however, declined to comment on the man&#8217;s arrest.<\/p>\n<p> <a href=\"http:\/\/www.computerworld.com\/article\/2486307\/data-center\/-neverquest--trojan-threatens-online-banking-users.html\">Neverquest<\/a> is designed to steal username and password information from banking customers. Once it infects a PC, the malware can do this by injecting fake online forms into legitimate banking websites\u00a0to log any information typed in. 
It can also take screenshots\u00a0and video from the PC&#8217;s desktop and steal any passwords stored locally.<\/p>\n<p class=\"jumpTag\"><a href=\"\/article\/3160025\/security\/spanish-police-nab-suspect-behind-neverquest-banking-malware.html#jump\">To read this article in full or to leave a comment, please click here<\/a><\/p>\n<\/section>\n<\/article>\n","protected":false},"author":4,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[11062,10643],"tags":[714],"class_list":["post-6366","post","type-post","status-publish","format-standard","hentry","category-computerworld","category-independent","tag-security"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/6366","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=6366"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/6366\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=6366"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=6366"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=6366"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}