Russia's Kaspersky Lab detects new Trojan

Russia's Kaspersky Lab detects new Trojan

Cybersecurity is among the issues being raised on the sidelines of the World Economic Forum, now in full swing in Davos. Russia's Kaspersky Lab appears to appreciate the significance of the agenda as it has warned of a yet new IT threat – this time to computer users' financial data, Sputnik reports.

Specialists from Kaspersky Lab, the biggest cybersecurity company in Russia, have spotted a new Trojan called Mezzo, which was specially developed to hunt for "real," conventional money as well as cryptocurrencies, the company’s press release states.

Mezzo can falsify data in exchange files between accounting and banking systems and is currently sending information obtained from an infected computer to the criminals’ servers. Analysts say that this may be a signal that the Trojan’s creators are getting ready for an upcoming campaign to steal the money.

"Analysis of the Mezzo code has shown that the virus can be linked to another much talked about Trojan, which is hunting for cryptocurrencies, the so-called CryptoShuffler. Kaspersky Lab experts have discovered that the Mezzo code and that of AlinaBot, which loads CryptoShuffler, are identical to the very last line. The codes of both viruses have obviously been written by the same virus programmers, thus they may be also interested in users' crypto-wallets," the company noted.

Sergei Yunakovsky, an antivirus expert with Kaspersky Lab, pointed out that with the help of a similar Trojan virus called TwoBee, which the company detected about a year ago, perpetrators managed to snatch over 200 million rubles from Russian companies.

Mezzo is different from the point of view of employing a simpler algorithm to search for  and check the files it is interested in. It is highly probable that its functionality is not limited to solely accounting programs, as any virus is known to increasingly employ multiple different modules and functions.