{
	"id": "a33a5f33-8ece-4dbf-881c-ac90ecc426ad",
	"created_at": "2026-04-06T00:17:07.39169Z",
	"updated_at": "2026-04-10T03:20:19.034829Z",
	"deleted_at": null,
	"sha1_hash": "b7cf845d4b3e2b4e233a61067aa1f8259a060550",
	"title": "Trojan Tricks Victims Into Transferring Funds",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 47858,
	"plain_text": "Trojan Tricks Victims Into Transferring Funds\r\nPublished: 2011-07-28 · Archived: 2026-04-05 19:14:18 UTC\r\nIt’s horrifying enough when a computer crook breaks into your PC, steals your passwords and empties your bank\r\naccount. Now, a new malware variant uses a devilish scheme to trick people into voluntarily transferring money\r\nfrom their accounts to a cyber thief’s account.\r\nThe German Federal Criminal Police (the\r\n“Bundeskriminalamt” or BKA for short) recently warned consumers about a new Windows malware strain that\r\nwaits until the victim logs in to his bank account. The malware then presents the customer with a message stating\r\nthat a credit has been made to his account by mistake, and that the account has been frozen until the errant\r\npayment is transferred back.\r\nWhen the unwitting user views his account balance, the malware modifies the amounts displayed in his browser; it\r\nappears that he has recently received a large transfer into his account. The victim is told to immediately make a\r\ntransfer to return the funds and unlock his account. The malicious software presents an already filled-in online\r\ntransfer form — with the account and routing numbers for a bank account the attacker controls.\r\nThe BKA’s advisory isn’t specific about the responsible strain of malware, but it is becoming increasingly\r\ncommon for banking Trojans to incorporate “Web injects,” custom designed plug-ins that manipulate what victims\r\nsee in their Web browsers.\r\nThis attack is an insidious extension of the tactic that was pioneered by the URL Zone Trojan, which specializes in\r\nmanipulating the balance that victims see when they log into their (cleaned-out) bank accounts.\r\nIf you log in to your bank account and see something odd, such as a “down for maintenance” page or an alert\r\nabout a wayward transfer, your best option is to pick up the phone and call your bank. Make sure you are using the\r\nbank’s real phone number: Malware like the ZeuS Trojan has been known to present newly-fleeced victims with\r\nmessages about problems with the bank’s Web site, along with a bogus customer support phone number.\r\nSource: https://krebsonsecurity.com/2011/07/trojan-tricks-victims-into-transfering-funds/\r\nhttps://krebsonsecurity.com/2011/07/trojan-tricks-victims-into-transfering-funds/\r\nPage 1 of 1",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"Malpedia",
		"ETDA"
	],
	"references": [
		"https://krebsonsecurity.com/2011/07/trojan-tricks-victims-into-transfering-funds/"
	],
	"report_names": [
		"trojan-tricks-victims-into-transfering-funds"
	],
	"threat_actors": [],
	"ts_created_at": 1775434627,
	"ts_updated_at": 1775791219,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/b7cf845d4b3e2b4e233a61067aa1f8259a060550.pdf",
		"text": "https://archive.orkl.eu/b7cf845d4b3e2b4e233a61067aa1f8259a060550.txt",
		"img": "https://archive.orkl.eu/b7cf845d4b3e2b4e233a61067aa1f8259a060550.jpg"
	}
}