What Is a Banker Trojan?

A Banker Trojan is a malicious computer program designed to gain access to confidential and/or material information stored or processed through online banking systems. This type of computer program is built with a backdoor, allowing outside parties to gain access to a computer, or it may instead copy a bank client's credentials by spoofing a financial institution's login webpage.

It is a form of Trojan horse and can appear as a legitimate piece of software until it is installed on a computer device. Once installed, the Banker Trojan can gain access to computer files and systems, which attackers use to make unauthorized transactions, steal clients' identities, or withdraw client funds to attackers' accounts.

Key Takeaways

  • A banker Trojan is a piece of malware that attempts to steal credentials from a financial institution's clients, or gain access to their financial information.
  • Many times, a banker trojan will use a spoofed website of a financial institution to redirect client data to the attacker.
  • Like other Trojan horses, a banker Trojan often appears innocuous but can cause harm if downloaded and installed onto a device or computer.

Understanding Banker Trojans

Banker Trojan is a Trojan horse that redirects traffic from online banking and financial websites to another website, ostensibly a website that the attacker has access to. When the software is executed, it copies itself onto the host computer, creating folders and setting registry entries each time the system is started. It searches for specific cookie files relating to personal finance, which have been stored on the computer by financial websites during an internet visit.

The Trojan horse can execute a number of operations, including running executable files, downloading and sending files remotely, stealing information from a clipboard, and logging keystrokes. It collects cookies and passwords and may remove itself from a computer when commanded.

Consumers and businesses should be aware of the programs that they download, but sometimes mistakes can happen, and computers can become infected. Criminals have become more sophisticated in how they obtain confidential financial information. Computer viruses, malware, and Trojan horses can still steal usernames and passwords, but many are moving to a real-time collection and can transfer money to other accounts in clever ways.

Financial institutions have combatted the effectiveness of such Trojan horse programs by increasing the security of their authentication processes. This is especially important as banks increase the number of banking activities that can be conducted via the Internet or mobile devices, which are inherently less secure than conducting banking activities in person.

Why a Trojan Horse?

The concept of a Trojan Horse dates back to the Trojan War (1260 BC – 1180 BC), where the Greeks used wooden horse filled with fighters to gain access to the Turkish city of Troy. Today, the Trojan Horse is a popular allegory used to describe a variety of malicious strategies whereby a foe gains access to an otherwise secure location using trickery and sleight of hand, increasingly utilizing digital methods and techniques.