Menu
Spanish police nab suspected hacker behind Neverquest banking malware

Spanish police nab suspected hacker behind Neverquest banking malware

Neverquest can steal credentials used for banking websites

Spanish police have arrested a Russian programmer suspected of developing the Neverquest banking Trojan, a malware targeting financial institutions across the world.

The 32-year-old Russian citizen known as Lisov SV was arrested at the Barcelona airport, Spain's law enforcement agency Guardia Civil said on Friday.

The FBI had been working with Spanish authorities to track down the suspect through an international arrest warrant, according to a statement from the agency. The FBI, however, declined to comment on the man's arrest.

Neverquest is designed to steal username and password information from banking customers. Once it infects a PC, the malware can do this by injecting fake online forms into legitimate banking websites to log any information typed in. It can also take screenshots and video from the PC's desktop and steal any passwords stored locally.

Once the credentials are stolen, Neverquest can use the infected PC to secretly log back into the customer's online banking account. It can then access the victim's funds and transfer the money out. 

In 2013, antivirus vendor Kaspersky Lab discovered the malware being advertised in black market forums. It's since been found preying on the banking sites of 100 to 200 financial institutions, and it has features built in making it hard for security researchers to track. 

On Friday, Spanish authorities said the malware has resulted in financial losses from victims of about US$5 million. Lisov is suspected of creating NeverQuest and then using servers to administer the malware.

One such server contained files with millions of stolen login credentials from financial website accounts.

The arrested suspect’s full name is Stanislav Lisov, according to Russian news agency TASS, and he was arrested on Jan. 13. Russian diplomats have sent a request to Spanish authorities to learn more about the charges against Lisov.

If Lisov is indeed behind Neverquest, his arrest may stop or slow down the malware's spread. Last August, IBM Security said Neverquest was the most active financial malware in the world.

Subscribe here for up-to-date channel news

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Featured

Slideshows

Tight lines as Hooked on Lenovo catches up at Great Barrier Island

Tight lines as Hooked on Lenovo catches up at Great Barrier Island

​Ingram Micro’s Hooked on Lenovo incentive programme recently rewarded 28 of New Zealand's top performing resellers with a full-on fishing trip at Great Barrier Island for the third year​ in a row.

Tight lines as Hooked on Lenovo catches up at Great Barrier Island
Inside the AWS Summit in Sydney

Inside the AWS Summit in Sydney

As the dust settles on the 2017 AWS Summit in Sydney, ARN looks back an action packed two-day event, covering global keynote presentations, 80 breakout sessions on the latest technology solutions, and channel focused tracks involving local cloud stories and insights.

Inside the AWS Summit in Sydney
Channel tees off on the North Shore as Ingram Micro hosts annual Cure Kids Charity golf day

Channel tees off on the North Shore as Ingram Micro hosts annual Cure Kids Charity golf day

Ingram Micro hosted its third annual Cure Kids Charity Golf Tournament at the North Shore Golf Club in Auckland. In total, 131 resellers, vendors and Ingram Micro suppliers enjoyed a round of golf consisting of challenges on each of the 18 sponsored holes, with Team Philips taking out the top honours.

Channel tees off on the North Shore as Ingram Micro hosts annual Cure Kids Charity golf day
Show Comments