Fraudsters using financial malware called Neverquest have now set their sights on several regional banks in Japan, according to researchers. In a Monday blog post, Symantec's security team revealed that a new variant of the banking trojan was in use, and as “predicted,” the threat had been updated to target another set of financial institutions in the country.
Earlier this month, Symantec detailed Neverquest's capabilities, including keystroke logging, screenshot and video capturing, remote control access, and stored credential and digital certificate theft, and said that the malware leveraged man-in-the-browser (MitB) attacks to target Windows users.
On Monday, the firm noted that Japan continued to be the third most impacted country by the malware (with nearly 20 percent of infections), followed by the U.K. and Germany. The new Neverquest variant utilized a configuration file listing 20 credit card websites and 17 online banking sites in Japan, Symantec said.