New financial malware targeting bank customers
Posted on 01.07.2010
Bank customers are being targeted by criminals using regional specific malware that flies under the radar of most antivirus technology to steal peoples online banking credentials and commit fraud. Detection rates for regional malware are between zero and 20%, suggesting that the majority of these attacks go undetected.

Two pieces of regional malware targeted at UK banks have been detected by Trusteer; Silon.var2 which resides on one in every 500 computers in the UK compared to one in 20,000 in the US, and Agent.DBJP, detected on 1 in 5000 computers in the UK compared to 1 in 60,000 in the US.

In addition, Trusteer has discovered two UK-specific Zeus botnets. Although Zeus is the most known piece of financial malware, the uniqueness of these botnets is that they only consist of UK-based computers and only target UK-based banks. Hence these variants are less likely to be detected by antivirus solutions.

To help avoid detection and maximize return on their effort, the clever criminals are using UK centric spam lists and compromised websites based in the UK to spread the malware that targets bank customers.

“Regional malware is not unique to the UK”, explains Mickey Boodaei, Trustreer CEO. “We’ve recently started analyzing financial malware in South Africa and identified targeted regional attacks as well, which are rarely seen outside that region. Other regions such as Germany for example also suffer from regional malware. The infamous Yaludle malware has been highly focused on the German market”


Credential manager system used by Cisco, IBM, F5 has been breached

Pearson VUE is part of Pearson, the world's largest learning company. Over 450 credential owners (including IT organizations such as IBM, Adobe, etc.) across the globe use the company's solutions to develop, manage, deliver and grow their testing programs.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Wed, Nov 25th