We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
TrojanSpy:Win32/Banker.VCE
Aliases: Trojan-Downloader.Win32.Banload.bwhi (Kaspersky) W32/Banload.BYYL (Norman) Trojan.DL.Banload!aizSDyVb75A (VirusBuster) Trojan horse Downloader.Banload.BZIU (AVG) Win32/Spy.Banker.YCM trojan (ESET) PWS-Banker!h2e (McAfee) Infostealer.Bancos (Symantec)
Summary
TrojanSpy:Win32/Banker.VCE is a malicious trojan component installed by other malware. Win32/Banker is a family of data-stealing trojans. When Win32/Banker is installed on a computer, it can capture banking credentials such as account numbers and passwords from the user. It can then send the captured information to the attacker by various means.
To detect and remove this threat and other malicious software that may be installed on your computer, run a full-system scan with an appropriate, up-to-date, security solution. The following Microsoft products detect and remove this threat:
- Microsoft Security Essentials or, for Windows 8, Windows Defender
- Microsoft Safety Scanner
- Microsoft Windows Malicious Software Removal Tool
TrojanSpy:Win32/Banker.VCE attempts to steal sensitive and confidential information from affected users to perpetrate fraud. If you believe that your personal financial information may have been compromised, please refer to the following advisory for additional advice:
