Clever Trojan Attacks Banks
Here's a new Trojan that doesn't even need to steal a user ID and password to break into a banking account. The Trojan is the engine behind a bot used only for bank fraud. The bot, sitting on servers in Russia and India, is targeting banks in the US, the UK, Italy and Spain.
It works by alerting hackers when a user has logged onto their online banking account. It then hijacks the session in real time, allowing access to the account without having to steal or use any of the user's ID or password. Next, it communicates with the bot's command and control center which bank they're logged into and downloads custom code for that bank on the user's desktop to mimic transactions.
Users are initially hooked through e-mails with malicious links to sites downloading the Trojan.
The only protection advised by SecureWorks, who discovered the Trojan, is the same old fashioned -- and common sense -- advice about any unsolicited e-mail: If you don't trust it, don't open it or click on links in it.
It works by alerting hackers when a user has logged onto their online banking account. It then hijacks the session in real time, allowing access to the account without having to steal or use any of the user's ID or password. Next, it communicates with the bot's command and control center which bank they're logged into and downloads custom code for that bank on the user's desktop to mimic transactions.
Users are initially hooked through e-mails with malicious links to sites downloading the Trojan.
The only protection advised by SecureWorks, who discovered the Trojan, is the same old fashioned -- and common sense -- advice about any unsolicited e-mail: If you don't trust it, don't open it or click on links in it.
posted by The IT Security Guy at 1:34 PM
1 Comments:
It's amazing that there are still people that open crappy e-mails and do not use any protection on their computors.
Post a Comment
<< Home