BreachExchange mailing list archives
Beware This Trojan Virus That Infects Your Smartphone and Hacks Your Bank Accounts
From: Lee J <lee () riskbasedsecurity com>
Date: Tue, 1 Oct 2013 01:06:55 +1000
http://www.mainstreet.com/article/smart-spending/technology/beware-trojan-virustbhat-infects-your-smartphone-and-hacks-your-ba NEW YORK (MainStreet <http://www.mainstreet.com/>) — A new threat to banking security is spreading across the globe, and security experts believe it could infect the U.S. financial system soon. ESET, a digital security firm, has discovered a new and sophisticated hidden virus, known to tech experts as a "Trojan," targeting online banking users in Europe and Asia. The hidden "and very potent" banking malware, dubbed Hesperbot, is spreading through email, attempting to hack mobile devices. Infections have been detected in Turkey, the Czech Republic, the United Kingdom and Portugal. The firm reports that "several victims have already been robbed of financial assets." "Analysis of the threat revealed that we were dealing with a banking Trojan, with similar functionality and identical goals to the infamous Zeus and SpyEye," said Robert Lipovsky, ESET malware researcher. "But significant implementation differences indicated that this is a new malware family, not a variant of a previously known Trojan." The malware attempts to obtain login credentials by sending emails that seem to originate from credible organizations. Once the virus has obtained access to the victim's bank account it attempts to install a mobile component of the malware on the smartphone. The Czech malware attack began in August, impersonating the Czech Postal Service. "It's probably not surprising that the attackers tried to lure potential victims to open the malware by sending phish-like emails resembling parcel tracking information from the Postal Service," said Lipovsky. "This technique has been used many times before." [...]
_______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss For inquiries regarding use or licensing of data, e-mail sales () riskbasedsecurity com Supporters: # OWASP http://www.appsecusa.org # Builders, Breakers and Defenders # Time Square, NYC 20-21 Nov o()xxxx[{::::::::::::::::::::::::::::::::::::::::> Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security offers security intelligence, risk management services and customized security solutions. The YourCISO portal gives decision makers access to tools for evaluating their security posture and prioritizing risk mitigation strategies. Cyber Risk Analytics offers actionable threat information and breach analysis.
Current thread:
- Beware This Trojan Virus That Infects Your Smartphone and Hacks Your Bank Accounts Lee J (Oct 09)