Yesterday I received a mail regarding “Payment Processed by Visa Bill Pay” as below…
If one open this file then a Trojan get installed on system in application data folder, this Trojan connect to below domain and it may further lead to fake antivirus scams, malicious redirects, viruses, trojans, rogue installers, key loggers, droppers, browser exploits, and a range of other security threats.
“VISABILLPAY-VODAFONE.exe” is a Banking Trojan which is used to steal banking credentials from the victim (including confidential details such username, password, credit card number, etc.). By harvesting cookies and accessing other information, the criminals can extract a lot of personal information which can be used to increase their chances to get access to the victim’s online banking account.
Quick Heal detect this as Trojan.Agent2.cuyv
Thanks for taking the time to share this, I feel ogtsnrly about it and love reading more on rogueware removal. If possible, as you gain knowledge, would you mind updating your blog with more information? It is extremely helpful for me.