By Dateline India Syndicate
Brazil, Italy, Russian Federation, USA, UK, Germany, India, Austria, Vietnam and France respectively are among the countries where online banking customers are most vulnerable to malware attacks, fraud, and attempts to plant malicious codes. The cyber criminals aim is to steal or extract personal information and compromise remote banking systems.
Kaspersky Lab — a global security intelligence and technology company blocked 341,216 attempts to launch malware on user computers from online banking accounts in the period- between April and May 2014. Most of these malware were capable of stealing money.
This was a 36.6% increase compared to the previous month (249,812) was probably because of malware activity during the vacation season, when customers actively use their payment data to make all types of purchases online.
Zeus (Trojan-Spy.Win32.Zbot) is the most widely used banking Trojan.
Trojan Zeus hides in the internet browser and tries to sniff user password using keylogging and other password stealing techniques.
Sinowal aka Torpig another Trojan horse steals credentials from SSL encrypted communication. It was found to be behind 53% malware attacks on online banking clients.
Silon another malware injects malicious DLL into Internet Explorer to steal credentials from requests sent to online services.
It all starts with replacing the Internet Explorer library with a fake malicious library to easily steal information by hooking various API functions in the compromised Internet Explorer.
Cidox exploits App Init_DLLs registry entry to inject into Internet Explorer, Mozilla FireFox, Google Chrome, Opera and other browsers. It hooks API functions related to sending data and is thus able to steal any passwords typed into web browsers.
SpyEye, Carberp, Yaludle are some of the other malware focused on financial cyber crime.
Trojan-Banker.Win32.ChePro and Trojan-Banker.Win32.Lohmys are representatives of the same family and spread via spam emails bearing the subject line “Internet bank charges”. The message contains a Word document with an embedded image that launches malicious code if the recipient clicks on it.
As well as web injections (modification of a bank’s HTML pages), keylogging technology, is still the most effective means of stealing information while carrying out attacks on online banking customers.
Banking Trojan Trojan-Spy.Win32.Carberp — a relatively new entrant in the Top 10 list is designed to compromise remote banking systems and to commit fraud against large banks.