The latest viruses are competing for our bank passwords

Security companies have drawn attention to two new Trojan programs that pose a fairly serious threat to passwords and other confidential banking information through the use of tricky techniques.

Security company iDefense has reported a Trojan that is no longer a barrier to obtaining one-time passwords. According to the company, MetaFisher, also known as Spy-Agent, is able to obtain one-time passwords and pass them on to attackers so that they do not lose their validity. The Trojan constantly monitors the legal banking websites visited by the user and modifies their input fields. If the user enters his / her username and password in such a modified field, the data will be entered into the Trojan log file instead of the banking system. This log file is forwarded by MetaFisher to attackers at regular intervals. The Trojan is primarily capable of modifying the websites of English, German and Spanish banks.

Sana Labs discovered another Trojan that spreads using the Alcra worm downloaded from malicious websites. This Trojan also specializes in obtaining passwords. It performs its activities so "successfully" that Sana Labs specialists have so far found 37 username/password pairs that the Trojan collected in various log files. The malicious program sends the collected confidential data primarily to Russian servers. According to Sana Labs, Trojans are already recognized by most properly updated antivirus software.