News

UK online bank customers under attack

UK users of online banking services are under attack as criminals use malware that is undetected by most anti-virus software.

According to browser security supplier Trusteer the malware, which steals online banking passwords and numbers, is detected by less than 20% of anti-virus systems.

Two pieces of regional malware targeted at UK banks have been detected by Trusteer. Silon.var2, resides on one in every 500 computers in the UK compared to one in 20,000 in the US, while Agent.DBJP, has been detected on 1 in 5000 computers in the UK compared to 1 in 60,000 in the US.

Trusteer said it has also discovered two UK-specific Zeus botnets. "Although Zeus is the most known piece of financial malware, the uniqueness of these botnets is that they only consist of UK-based computers and only target UK-based banks. Hence these variants are less likely to be detected by antivirus solutions."

It said the criminals are using UK centric spam lists and compromised websites based in the UK to spread the malware that targets bank customers.

"This indicates a shift in financial criminal activity and requires some special attention from financial organisations. Unlike known malware kits such as Zeus, Torpig, and Ambler which simultaneously target hundreds of banks and enterprises around the world and are on the radar of all security vendors, regional financial malware such as Silon.var2 and Agent.DBJP are highly targeted said Mickey Boodaei, CEO at Trusteer. "In the UK, each campaign would usually focus on 3 to 7 banks and target them for a period of 6 to 9 months and then morph and change the list of targets, using a new more advanced version of the malware."


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy