Virus-Powered Phishing Unleashed

Download our in-depth report: The Ultimate Guide to IT Security Vendors

Share it on Twitter  
Share it on Facebook  
Share it on Google+
Share it on Linked in  
Security researchers are warning of a new Trojan that hijacks users'banking information, allowing hackers to empty their accounts.

So far this new type of Trojan has been sweeping Brazil and, morerecently, Great Britain. But analysts say they expect it to arrive onU.S. shores shortly.

''This is pretty nasty,'' says Graham Cluley, a senior technologyconsultant for Sophos, an anti-virus and anti-spam company based inLynnfield, Mass. ''If they grab hold of your user name, password, andPIN number, then potentially they can empty your bank account. This isworking in a much sneakier way than your average phishing email.''

Cluley says that with users starting to catch onto phishers' emailschemes, the hackers are sending out this new type of Trojan. Once themalware infects a Windows PC, it silently lies in the background,waiting for the user to go to an online banking Web site. Once theTrojan detects that the browser is on a banking site, it 'wakes up' andbegins capturing key strokes and taking screen snap shots. Theinformation is then sent back to the hacker, who uses it to break intothe account.

''We've been telling people not to click on the link when they get whatlooks like a phishing email,'' says Cluley. ''We tell them to go totheir bank's site by typing in the Web address in their browser. TheseTrojans rely on you doing just that... This is much more subtle. It'sspying over your shoulder really.''

Cluley says the Trojan first reared its head in Brazil, raising a lot ofhavoc there. Now it's in full attack on Great Britain, targeting usersof online banks like Barclays, HSBC, Lloyds TSB and NatWest.

The researcher also notes that he hasn't seen any of the Trojanscontaining code that specifically targets U.S.-based banks, but hefigures it's only a matter of time before that happens.

''I wouldn't be surprised at all,'' adds Cluley. ''Despite the arrestsin Brazil, we've seen dozens and dozens of new phishing Trojans comingout. I wouldn't be surprised if it soon turned to American bankingcustomers.''

Sophos is warning users to keep their anti-virus software and patchesupdated, while running a strong firewall.

Submit a Comment

Loading Comments...