A Dangerous Evolving Trojan Has Reached Chrome User Data

Banking Trojan Mekotio Not Only Steals Cryptocurrency

Information security company ESET has revealed details about the operation of the Mekotio banking trojan. 

It was reported earlier that this malware can steal cryptocurrency from users. It is now known that Mekotio can also perform typical backdoor functions, including taking screenshots, rebooting infected devices, restricting access to legitimate banking sites, and stealing credentials from Google Chrome.

Mekotio can access the user’s system settings, information about the Windows operating system, the firewall configuration, and a list of installed antivirus solutions. With one of its commands, Mekotio attempts to destroy all files on the device by deleting all files and folders from the C:\Windows tree.

The Trojan disguises itself as an update required to ensure the security of the device. Mekotio is mainly distributed via spam. Most often, the distribution chain includes several stages and ends with the download of a malicious ZIP archive.

Experts note that Mekotio is constantly being improved: its developers keep introducing new ways to hide from detection, which makes the Trojan more and more dangerous.

 Source: ESET
