New Virus Threat: Neverquest Financial Malware is expected to Spread Rapidly

Neverquest virusAccording to security researchers, a new Trojan program is expected to spread rapidly over the next few months. The Trojan program called Neverquest, discovered on a private cybercrime forum in July, targets online financial services users. Essentially, Neverquest is financial malware designed to steal credentials on financial related applications or websites. PCs and smartphones are both vulnerable to financial malware.

Neverquest attempted infections were discovered all around the world, with several thousand attempts recorded by mid-November. Sergey Golovanov, a malware researcher at Kaspersky Lab, wrote in a blog post, “This threat is relatively new, and cybercriminals still aren’t using it to its full capacity. In light of Neverquest’s self-replication capabilities, the number of users attacked could increase considerably over a short period.”

Similar to other financial malware, Neverquest has the ability to change the content of websites inside Internet Explorer or Firefox. Often, the modification involves injecting rogue forms into them, to get usernames and passwords by the website’s users. The attacker can control infected computers remotely using virtual network computing.

Neverquest also includes features that are different from other financial malware. For example, the default configuration defines 28 targeted websites involving large international banks and online payment services. The malware also searches for the victim’s commonly visited webpages containing keywords such as balance, account summary, and checking account. This allows the attacker to discover new financial website targets, to change the scripts for the malware.

Neverquest steals log-in credentials from file transfer protocol client applications that have been installed onto the victim’s computer. With the file transfer protocol credentials, the attacker is able to infect websites using a Neutrino exploit pack. The exploit pack discovers vulnerabilities within browser plug-ins. When a user visits an infected website, the malware is downloaded onto the computer.

In addition, Neverquest also sends spam emails with malicious attachments. Often, the emails are designed to appear as official notifications from important services. According to Kaspersky Lab, consumers can expect many Neverquest attacks for the rest of 2013. Ultimately, users’ must be aware of the potential malware and online cash theft.

Concerned?  After the damage CryptoLocker caused…all businesses must be and they also must have an up-to-date computer and network security plan in place.  Does your business?

Learn more about Neverquest.

Are you at risk from having Neverquest or even CryptoLocker strike your business?

Does your Bellevue, Redmond & Seattle business have the right computer security or network security program in place?  Many of your peers do not and Slivertip IT is focused on ensuring the security of all businesses in Bellevue, Redmond & Seattle.  Call (425) 998-9199 or email us today at to book a no obligation IT, computer and network security review with our team of IT experts.

IT Support Companies in Seattle

“I can’t emphasize enough how much we rely on and trust the IT professionals from Silvertip IT. Silvertip is always available when needed, whether remotely, in our office, or over the phone.  We can rely on Silvertip IT whether it’s during office hours, evening hours, or on weekends. And believe me, we needed them because before they we found Silvertip we had our share of IT issues!”

-Shimizu and Shimizu CPA
read more»