Customers warned of banking Trojans
Posted on 28 Mar 2006 at 10:14
Customers have been warned about a new wave of Trojans which are targeting banks. A number of banks including those in Britain, Spain, Germany and the Netherlands have come under attack from the PWSteal.Metafisher Trojan which can steal personal information.
The code exploits the Graphics Rendering Engine WMF Format unspecified code execution vulnerability which came to light in the New Year to download remote files. In order for the code to operate, the visitor has to first visit a web site to load the exploit. Often, users will have been sent there by clicking on spam emails.
Once installed, the malware will wait until the user visits a legitimate banking site and installs specially crafted HTML tags into the code. It will then capture PINs or other bank account and personal information to remote servers.
Another piece of nasty code goes by the name of rootkit.hearse and installs a Trojan. The accompanying Trojan is able to discover passwords and other sensitive information stored on a computer and does not need to log keystrokes. As it is hidden by the rootkit, end users cannot see the Trojan on their hard disk and it can survive reboot and does not run as a visible process. Once installed, the code starts to transmit personal details to a server based in Russia.
Finally, the blog maintained by Kapersky Labs has also warned of Trojan-Spy.Win32.Bancos.pw which can intercept TAN codes which are used as security tokens by Postbank and Deutsche Bank. The Trojan-Spy.Win32.Bancos.pw is able to intercept HTTPS traffic.
Author: Steve Malone
advertisement
- Need a bit of extra Christmas cash? Grass up your boss, says BSA
- Photoshop Mobile on Android review: first look
- ATI Radeon HD 5970: 42% more expensive in the UK
- Office 2010 Beta – 32-bit or 64-bit – The Choice is Clear
- Why Britain's watchdogs have fewer teeth than goldfish
- Tabbed documents: how to make Office 2010 great
- Outlook 2010 People Pane – does it spell death to Xobni
- Microsoft Outlook 2010 screenshots
- Co-Authoring in Word 2010 and SharePoint Foundation 2010
- Microsoft Outlook 2010 screenshots: Backstage view
- Getting to grips with Microsoft's IT Health Environment Scanner
- Virtualise your servers
- The changing face of travel gadgets
- Build your own distributed file system
- The bulletproof Dell that costs an arm and a leg
- Microsoft Office 2010 Technical Preview: Q&A
- Lawnmowers, the TyTN II and one odd insurance request
- There'll never be a bulletproof OS
- How far can we trust apps?
- Five nice touches in Outlook 2010
advertisement
Printed from www.pcpro.co.uk

