Monday, September 20, 2021

Virus-Powered Phishing Unleashed

Security researchers are warning of a new Trojan that hijacks users’

banking information, allowing hackers to empty their accounts.

So far this new type of Trojan has been sweeping Brazil and, more

recently, Great Britain. But analysts say they expect it to arrive on

U.S. shores shortly.

”This is pretty nasty,” says Graham Cluley, a senior technology

consultant for Sophos, an anti-virus and anti-spam company based in

Lynnfield, Mass. ”If they grab hold of your user name, password, and

PIN number, then potentially they can empty your bank account. This is

working in a much sneakier way than your average phishing email.”

Cluley says that with users starting to catch onto phishers’ email

schemes, the hackers are sending out this new type of Trojan. Once the

malware infects a Windows PC, it silently lies in the background,

waiting for the user to go to an online banking Web site. Once the

Trojan detects that the browser is on a banking site, it ‘wakes up’ and

begins capturing key strokes and taking screen snap shots. The

information is then sent back to the hacker, who uses it to break into

the account.

”We’ve been telling people not to click on the link when they get what

looks like a phishing email,” says Cluley. ”We tell them to go to

their bank’s site by typing in the Web address in their browser. These

Trojans rely on you doing just that… This is much more subtle. It’s

spying over your shoulder really.”

Cluley says the Trojan first reared its head in Brazil, raising a lot of

havoc there. Now it’s in full attack on Great Britain, targeting users

of online banks like Barclays, HSBC, Lloyds TSB and NatWest.

The researcher also notes that he hasn’t seen any of the Trojans

containing code that specifically targets U.S.-based banks, but he

figures it’s only a matter of time before that happens.

”I wouldn’t be surprised at all,” adds Cluley. ”Despite the arrests

in Brazil, we’ve seen dozens and dozens of new phishing Trojans coming

out. I wouldn’t be surprised if it soon turned to American banking

customers.”

Sophos is warning users to keep their anti-virus software and patches

updated, while running a strong firewall.

Similar articles

Latest Articles