Saturday, May 15, 2021

Virus-Powered Phishing Unleashed

Security researchers are warning of a new Trojan that hijacks users’

banking information, allowing hackers to empty their accounts.

So far this new type of Trojan has been sweeping Brazil and, more

recently, Great Britain. But analysts say they expect it to arrive on

U.S. shores shortly.

”This is pretty nasty,” says Graham Cluley, a senior technology

consultant for Sophos, an anti-virus and anti-spam company based in

Lynnfield, Mass. ”If they grab hold of your user name, password, and

PIN number, then potentially they can empty your bank account. This is

working in a much sneakier way than your average phishing email.”

Cluley says that with users starting to catch onto phishers’ email

schemes, the hackers are sending out this new type of Trojan. Once the

malware infects a Windows PC, it silently lies in the background,

waiting for the user to go to an online banking Web site. Once the

Trojan detects that the browser is on a banking site, it ‘wakes up’ and

begins capturing key strokes and taking screen snap shots. The

information is then sent back to the hacker, who uses it to break into

the account.

”We’ve been telling people not to click on the link when they get what

looks like a phishing email,” says Cluley. ”We tell them to go to

their bank’s site by typing in the Web address in their browser. These

Trojans rely on you doing just that… This is much more subtle. It’s

spying over your shoulder really.”

Cluley says the Trojan first reared its head in Brazil, raising a lot of

havoc there. Now it’s in full attack on Great Britain, targeting users

of online banks like Barclays, HSBC, Lloyds TSB and NatWest.

The researcher also notes that he hasn’t seen any of the Trojans

containing code that specifically targets U.S.-based banks, but he

figures it’s only a matter of time before that happens.

”I wouldn’t be surprised at all,” adds Cluley. ”Despite the arrests

in Brazil, we’ve seen dozens and dozens of new phishing Trojans coming

out. I wouldn’t be surprised if it soon turned to American banking

customers.”

Sophos is warning users to keep their anti-virus software and patches

updated, while running a strong firewall.

Similar articles

Latest Articles

How IBM has Changed...

Think is IBM’s big annual conference, and again this year, it was digital. I’m noticing a sharp quality difference in shows like this where...

Database-Tuning Platform Launches and...

PITTSBURGH — A team out of Carnegie Mellon University is launching its automatic database-tuning product today with the help of $2.5 million in funding.   OtterTune,...

Top 10 Professional Services...

Professional services automation (PSA) software aims to offer service-based companies most of the software they will need to run their businesses in one package....

What is Data Aggregation?

Data aggregation is the process where raw data is gathered and presented in a summarized format for statistical analysis. The data may be gathered...