The SonicWALL UTM Research team has received reports of a new banking Trojan named Tatanga in the wild. Spain, Germany, the United States, and the United Kingdom are the top countries affected by this Trojan.
This Trojan has many sophisticated features resembling functions found in the popular crime-ware toolkits Zeus and SpyEye which includes:
-Encrypted configuration files -Encrypted communication between the bot and the Command & Control server -Dynamic HTML injection affecting users of popular browsers like IE, Firefox, Chrome, Safari etc. -Disables AV applications -Harvests e-mail addresses & other sensitive information -Removes other malware infection specifically Zeus
SonicWALL Gateway AntiVirus provides protection against this threat via the following signatures:
-GAV: Tatanga.gen (Trojan)
-GAV: Pincav.BAHA (Trojan)
Learn more about this new vulnerability at the SonicWALL Security Center