Cyber Criminals Target Online Banking Customers With New Trojan Virus
The newest version of the virus has so far managed to steal $1.2 million from approximately 3000 online customers from an unnamed British bank , according to an internet security company.
M86 Security which has offices in Britain and California says the money was remotely transferred from the accounts of individuals and businesses.
The Trojan virus works by first seeing how much money is held in the account, then steals it, showing the account holder fake balances, which allows it to cover its tracks. M86 says it discovered the scale of the theft, after it managed to penetrate the command and control server belonging to the criminals, which is based in Eastern Europe.
According to the company, the attacks appear to be continuing, and the financial institution involved and the police had been informed two weeks ago.
The new Trojan variant, dubbed Zeus v3 no longer simply collects users log in details and passwords, but now also transfers money out of accounts which have been compromised.
“This is an extremely sophisticated version of the virus and it cannot be detected by traditional security software,” said Bradley Anstis, vice-president of technical strategy at M86 Security.
The new Trojan is part of a new wave of viruses that infect machines, when their users visit legitimate sites, termed a “drive-by” infection.
The UK’s main high street banks say their customers are not believed to be victims of the attack, and when contacted by The Times, all said they would not comment.
They acknowledged, however, that online fraud was becoming ever more sophisticated and prevalent. A spokesman for HSBC said: “There are millions of viruses, and other malicious software. We urge people to take basic measures to protect themselves from virus attacks. Any customer who is the victim of fraud will be reimbursed by HSBC.”
The trojan even checks to see if the customer has sufficient funds. If their account holds more than ?800, the trojan gets to work.