There is a new banking trojan going around that uses Microsoft PowerShell to alter a computer’s local proxy settings in order to redirect users to the wrong server when trying to access a banking portal. Banking trojans have hijacked computer proxy settings for years. This is how some of them operate. The difference is that they used local PAC (Proxy Auto-Config) files to achieve this, which they silently installed on infected hosts.
View full story
ORIGINAL SOURCE: Softpedia