Eupudus

Posted: July 3, 2014

Eupudus is a banking Trojan that targets Brazil, specializing in compromising Boleto-based transfers (a cash transfer method that remains number two in popularity for the nation). Although regionally specific, Eupudus uses Web browser-compromising techniques reminiscent of similar attacks by the Zeus Trojan, the Dyreza Trojan and other far-reaching threats. Malware experts have rated Eupudus as a high-level threat due to its continued prominence over time, and urge any possible victims of its attacks to use anti-malware tools to remove Eupudus as the need occurs.

When FEBRABAN-Based Payments Don't Protect Your Money

Eupudus has had ongoing campaigns in Brazil since 2012 and continues to be an active and regularly updated threat to that region. Unlike Trojans specializing in international currency transfers (such as Bitcoin), Eupudus explicitly targets Brazilian Boleto payment information – a payment method that's extremely popular within Brazil, despite having limited influence outside of that country. Eupudus has been estimated to have compromised transactions valued at a total of over three billion USD, with one hundred ninety-two thousand PCs infected.

To accomplish this impressive feat, Eupudus uses 'man in the middle' style attacks: it injects itself into your browser's process in memory, without displaying a process or other 'open application' traits of its own, and monitors the browser's activity for Boleto-based transactions. Any transactions made are manipulated to the benefit of Eupudus's administrators. Malware researchers have, sadly, been unable to isolate any obvious symptoms of Eupudus infections, which, like most spyware infections, attempt to hide themselves from casual observation.

The Flaws in Eupudus's Heists

While an active threat to any Brazilian PC user, Eupudus has not been seen on mobile devices. Eupudus also limits its attacks to Windows-based machines, and only targets three browsers (in a process known as 'hooking'): Chrome, Internet Explorer and Firefox. These Web browsers may also have various security features negated by Eupudus's changes, which may make a PC more vulnerable than usual to other attacks. Using a secure browser or an alternative OS is a potential defense against Eupudus, though malware experts are quick to note that not all types of banking Trojans have these same restrictions.

While authorities in Brazil have taken regular steps to try to slow down the Eupudus campaign, its developers have been all too happy to continue updating Eupudus to circumvent newly added security measures – with Eupudus's updates extending up to version 19, as of the last reports. For now, malware researchers suggest that victims in this security race use anti-malware products to protect their PCs and exercise care when choosing the right platform for Boleto transactions. Deleting Eupudus, if needed, should always be left to these same anti-malware tools, because this threatening software works to obscure its components and system changes, which may include negative security modifications.