Your computer has probably been infected with a virus before. You may have noticed a few annoying pop-up advertisements appear on your screen. Or, your computer may have simply started to slow down.

But those problems pale in comparison to the recent case of a Eurograbber Trojan virus that stole 36 million Euros (about $46.5 million) from the bank accounts of thousands of Europeans.

How it worked

Instead of grabbing the entire $46.5 million from a single account, the heist took place over a period of several months. The Eurograbber Trojan would infect a computer by luring users onto a malicious website. Somebody could be searching Google Images one minute, only to have their computer infected the next. The infection was impossible to detect.

Once the computer was infected, the Trojan had the ability to monitor everything users did over the internet. It could spy on Facebook activity, for example, or look at whatever the user was searching for. But Eurograbber wasn’t interested in either of those things. Instead, Eurograbber would spy on private banking sessions.

The pop-up window secret

The way the software stole information was actually quite clever. As soon as the Trojan detected a visit to a banking website, it would inject a special HTML/JavaScript code onto the computer. This code was designed to look like a legitimate pop-up from the banking website. And since the pop-up appeared just as the user was attempting to sign-in, it fooled most users.

Installing the malicious app onto the smartphone

The pop-up asked users to input their phone number in order to receive a “Banking software security upgrade.” Then, the hackers would send a text message to the phone number asking them to install a “free encryption software app” via .apk or .jad files. While everything looked legitimate and trustworthy up to this point, the app would actually monitor all incoming texts.

When users signed into their bank account, they would type their user name and password into the computer. As soon as the user was in the online banking session, the Trojan would execute a transfer request for “anywhere from 500 to 250,000 Euros” to private shell accounts. The user’s phone would receive a text message asking to authorize this request, although the hackers would intercept the SMS before it got to the unsuspecting user.

Bypassing two-factor authentication

Most security experts agree that two-factor authentication is one of the most effective ways to keep a private account safe. With two-factor authentication, the user has to enter a password that they already know as well as a text-message code that they receive over their phone. If someone wants to access that account, they would have to have the individual’s cell phone and know the password.

This two-factor authentication system is popular with Gmail users, banks, and any other organizations that take user privacy as seriously as possible. But two-factor authentication is not impenetrable.

Eurograbber was able to steal text messages and password information in an incredibly clever way. And if it can happen to users who are so concerned about their security that they use two-factor authentication, then it can happen to anyone. You can read all about the Eurograbber Trojan in this comprehensive PDF report.

Make sure you download anti-malware software like PC Cleaner Pro to stay safe against Trojans, viruses, and other types of malware!

logo for footerCopyright © 2022, SpeedUpMyPC. All Rights Reserved Trademarks: Microsoft Windows logos are registered trademarks of Microsoft. Disclaimer: is not affiliated with Microsoft, nor claim direct affiliation. The information on this page is provided for information purposes only. Protection Status

Log in with your credentials

Forgot your details?