Reveton ransomware steals your passwords and takes over your bank account

Reveton isn’t a new malware to the world. Reveton ransomware has been here for quite a long time, ‘working’ as a LockScreen-only version. However, the bad news is that Reveton ransomware is now being updated! It has become extremely dangerous because it has a powerful password and it can easily steal your bank credentials using Pony Stealer and empty crypto currency wallets. Due to the addition of Pony Stealer, Reveton ransomware can affect more than 110 applications on your system and turn it into a botnet client. It also contains a powerful AV kill/disable function.

The latest update about Reveton ransomware was posted on Avast! Blog. ‘Avast!’ is a popular antivirus program, which continuously updates users on new and hazardous Trojans and other viruses. As per this update,

“The old ransomware business model is no longer enough for malware authors. New additions have made Reveton into something even more powerful…Reveton also steals passwords from 5 crypto currency wallets. The banking module targets 17 German banks and depends on geolocation. In all cases, Reveton contains a link to download an additional password stealer. The most common infection is via the well-known exploit kits, FiestaEK, NuclearEK, SweetOrangeEK, etc.”

Avast has also mentioned information about the ‘Pony stealer’ module. Pony Stealer is considered to be the ‘best’ credentials and a password stealer amongst the countless number of malware active today. The blog talks about the incredible ability of Pony stealer to steal the information as,

“Reveton use one of the best password/credentials stealer on the malware scene today. Pony authors conduct deep reverse engineering work which results in almost every password decrypted to plain text form. The malware can crack or decrypt quite complex passwords stored in various forms.”

Dangers caused by Reveton Ransomware

What makes Pony Stealer so powerful (and Reveton ransomware so dangerous) that the stealer includes 17 main modules ranging from FTP clients, OS credentials, email clients, browsers, online poker clients to instant messaging clients and more than 140 submodules. Due to this, Pony Stealer can encrypt almost all sorts of passwords that you can use for an online bank account.

Reveton Ransomware

Avast mentions a list of banks which are possibly affected the most by Reveton ransomware. This list includes bank1saar.de, berliner-bank.de, comdirect.de, commerzbanking.de, cortalconsors.de, deutsche-bank.de, dkb.de, bawagpsk.com, fiducia.de, flessabank.de, gecapital.de, haspa.de, hypovereinsbank.de, norisbank.de, psd-bank.de, postbank.de and sparda.de.

Protect your computer from Reveton Ransomware

Avast has mentioned that the best and easiest way of protection is to take regular backups of important data, photos and documents. You can also use online storage systems or the cloud to save your data as Reveton ransomware can access NAS servers, local network drives and all your connected devices.

Now read: Prevent Ransomware: Steps to take to stay protected & secure.

Posted by with Tags
Ankit Gupta is a writer by profession and has more than 7 years of global writing experience on technology and other areas. He follows technological developments and likes to write about Windows & IT security. He has a deep liking for wild life and has written a book on Top Tiger Parks of India.