Brazilian Trojan Creator Revealed As 20-Year-Old College Student

A 20-year-old college student in Brazil is apparently the source of a number of banking Trojans, security company Trend Micro points out.

The security firm believes the young hacker has developed more than 100 banking Trojans in the past few years alone. The culprit is known as the Hacker's Son, Filho de Hakcer or Lordfenix, and apparently he started down this path by seeking advice in comment forums. The hacker is a Computer Science student from Tocantis, Brazil, the security firm further reveals. Trend Micro traced his hacks back to April 2013.

"A 20-year-old college student whose underground username is Lordfenix has become one of Brazil's top banking malware creators," notes Trend Micro. "Lordfenix developed his underground reputation by creating more than a hundred online banking Trojans, each valued at over US$300. Lordfenix is the latest in a string of young and notorious solo cybercriminals we're seeing today."

Trend Micro also posted the photo seen above, showing a large amount of money in local currency. The hacker apparently posted the photo on his Facebook account back in September 2013, indicating his work was successful. The image proves how lucrative malware can be, as hackers can rake up large sums of money through various attacks.

While Lordfenix started out by asking for advice on how to program Trojans, the hacker has since advanced greatly and his activity now targets notable banks such as Banco de Brasil, HSBC Brasil and Caixa.

Lordfenix made his money by developing and selling banking Trojans. The TSPY-Banker.NJH Trojan, for instance, can determine when a user types in the URL of a target bank into their web browser. The Trojan is used to fire up a fake login window, after which it sends the information it obtained back to the hacker via email.

The virus then closes the browser window if running on Google's Chrome, displaying an error message and opening a new Chrome window afterwards, but that window is fake. Trend Micro points out that the browser windows switch seamlessly, which makes this process nearly unnoticeable. If the user is using a browser in Internet Explorer or Firefox, meanwhile, the error message along with the fake window appear although the original window remains open.

Since April 2013, Lordfenix has developed more than 100 different banking Trojans, in addition to other malicious tools, further notes Trend Micro, adding that each Trojan costs about $320.

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics