Research laboratory ESET has detected a new banking trojan called Qadars. This flaw takes the form of a malware targeting Europe, Canada, India and Australia.

Once the malware is installed on the server, a HTML / JavaScript content injection processes is being made  in web pages, allowing access to the bank account of the user. This trojan is also able to geolocalise the user in order to use most revelant bank’s configuration files in the targeted region. Fraud is proceded through a “man-in-the-browser » attack, allowing the virus to be directly injected into the browser process.

StormShield is proactively able to block this new bank threat. The buffer overflow protection set to the lowest level is good enough to prevent the intrusion of Qadars.