Rock Phish group adds crimeware Trojan to its financial attacks

RSA has uncovered a new series of attacks from the Rock Phish group, launched to infect unsuspecting users with financial crimeware.

The Rock Phish group is a set of criminals believed to be based in Europe, who have been targeting financial institutions worldwide since 2004.

Rock Phish attacks are estimated to account for more than 50% of phishing attacks worldwide and to be responsible for the theft of tens of millions of pounds from users' bank accounts.

However, until now, the group has not deployed financial crimeware as part of its attack methodology.

The new Rock Phish attacks combine phishing techniques and crimeware. Victims of these phishing attacks not only have their personal data stolen, but they are then also infected with the Zeus Trojan.

Once infected, the Trojan is capable of stealing additional information, such as personal data transmitted while interacting with other websites.

So far, RSA's FraudAction Anti-Trojan Service has detected more than 150 variants of the Zeus Trojan targeting customers of financial institutions and other organisations worldwide.