Security researchers have discovered a keylogging Trojan that captures mouse clicks as well as key strokes. PWSteal-Bancos-Q targets customers of online banking and financial institutions primarily in Brazil. However Australian anti-virus firm PC Tools warns that variants could be created to affect additional online financial sites worldwide.

As well as capturing user keystrokes, PWSteal-Bancos-Q also takes snapshots of the users' mouse clicks and then sends the captured information via file transfer protocol (FTP) to the Trojan's author. The technique is designed to overcome the use of virtual keyboards by many online banking sites in an effort to avoid keylogger infections.

It's unclear how effective the mouse click capturing technique is in practice, but the appearance of the malware indicates a further refinement in malware creation techniques by virus writers. VXers previously created Trojans, such as VB-HV (http://www.sophos.com/virusinfo/analyses/trojvbhv.html), that are capable of taking screenshots of the systems of infected users. ®

Related stories

Gozi hybrid Trojan menaces the net (22 May 2007)
http://www.theregister.co.uk/2007/05/22/gozi_trojan_hybrid/
Hackers debut malware loaded USB ruse (25 April 2007)
http://www.theregister.co.uk/2007/04/25/usb_malware/
'Spyware' vendor bangs copyright shield (14 November 2005)
http://www.theregister.co.uk/2005/11/14/spymon/
Phishers trawl for victims in Europe (20 September 2005)
http://www.theregister.co.uk/2005/09/20/euro_phishing_surge/
Police cuff US student keystroke logger (2 February 2005)
http://www.theregister.co.uk/2005/02/02/student_keystroke_logger/
Virus writers add network sniffer to worm (14 September 2004)
http://www.theregister.co.uk/2004/09/14/network_sniffer_worm/
UK police issue 'vicious' Trojan alert (13 August 2004)
http://www.theregister.co.uk/2004/08/13/trojan_phish/