20-year-old Brazilian student outed as banking malware kingpin
'Lordfenix' created over 100 trojans, says Trend Micro
Security firm Trend Micro has traced the source of a large number of banking trojans to a 20-year-old man in Brazil.
Known variously as 'Hacker's Son', 'Filho de Hakcer' (sic) and 'Lordfenix', the malware writer began his career by asking for advice in comment forums, according to a Trend Micro blog post.
"A 20-year-old college student whose underground username is Lordfenix has become one of Brazil's top banking malware creators," said the firm.
"Lordfenix developed his underground reputation by creating more than 100 online banking trojans, each valued at over $300. Lordfenix is the latest in a string of young and notorious solo cyber criminals we're seeing today.
"Lordfenix is a Computer Science student from Tocantins, Brazil. We were able to trace his activity back to April 2013."
Trend Micro has posted a photo from the hacker's Facebook page that shows a large amount of local currency (below).
The hacker has been developing and selling trojans, including one named TSPY-Banker.njh, that can tell when an internet user enters the URL for a bank into their browser.
The malware throws up a fake log-in window, and sends the collected information back to the hacker.
Lordfenix has made available free versions with limited capabilities that work with only a handful of banks, but offers paid-for versions that work with a greater number of banks.
"Lordfenix has created more than 100 different banking trojans, not including his other malicious tools, since April 2013. With each trojan costing roughly $320, this young cyber criminal channelled his talent in programming into a lucrative illegal venture," said Trend Micro.
"In cybercrime, it doesn't matter if the criminal is a veteran or a newbie. The result remains the same: ordinary users become victims."
There is a lot of money in malware. The FBI announced a $3m bounty on the head of the Zeus creator this week.
V3 Latest
More than 500 Android apps pulled from Google Play after spyware backdoor uncovered
Infected apps have been downloaded more than 50 million times
Virgin Media users complain about UK-wide outage of up to 24 hours
Customers of regular price-raising ISP and cable operator claim nationwide outages started on Monday
Google planning cut down version of Google Home to take on Amazon Echo Dot
Pixel 2 smartphones and a Pixel-branded laptop also planned by Google
Samsung rolls out Bixby voice assistant to UK Galaxy S8 and S8+ smartphones
The moment you've all been waiting for...
Most read
