14 DAY TRIAL // Websense security firm has announced that a Trojan Horse was being hosted on a site with the same IP as Google Pages. The Trojan was meant to steal online banking data of certain targeted financial institutions but was discovered before its authors could launch an attack. As of now no infected e-mails or IM links leading back to the worm were found.
The Trojan is a type of malware known as keylogger. Keyloggers are programmed to act when a user visits a blank site, activating its keystroke recording option being able to steal login date, passwords and information regarding the credit cards used in online transactions.
"The file is packed with ASPack and is a banking Trojan Horse which is designed to steel banking credentials upon visiting pre-defined financial institutions sites. Real-time Security Updates have been published and the website is being blocked in the Websense Security Premium Group until the code is removed and the Trojan Horse Keylogger has been classified within Critical Path Method (CPM) ", reads a message posted on Websense's site.