Brolux trojan targets Japanese banking users, distributed through adult site

Japanese online banking users are the target of a newly detected banking trojan, dubbed Win32/Brolux.A, which is so far spread through two vulnerabilities still distributed by an adult website.

Japanese online banking users are the target of a newly detected banking trojan, dubbed Win32/Brolux.A, which is so far spread through two vulnerabilities still distributed by an adult website.
Japanese online banking users are the target of a newly detected banking trojan, dubbed Win32/Brolux.A, which is so far spread through two vulnerabilities still distributed by an adult website.

Japanese online banking users are the target of a newly detected banking trojan, dubbed Win32/Brolux.A, which is spread through two vulnerabilities distributed by an adult website, security researchers at ESET said last week.

The trojan takes advantage of a vulnerability in Flash that was revealed after the Hacking Team itself was hacked as well as a vulnerability called the unicorn bug, which was discovered last year in Internet Explorer.

When a potential victim visits the adult site, the exploits attempt to steal personal data by installing a signed malicious binary, the researchers said, underscoring the importance of updating and patching software. They noted that Win32/Brolux.A uses a “slightly modified version” of the proof of concept code for the IE vulnerability that has been out for a while. And a working exploit of the Flash vulnerability was published as the Hacking Team leak was being analysed.

Sign up to our newsletters