CBN BRASIL

Tuesday, February 24, 2015

Banking trojan Dyreza generating 'tens of thousands' of malicious emails a day


The Dyreza banking Trojan generated 30,000 malicious emails in a single day.

British customers of banks including NatWest, Barclays and HSBC are being targeted by a wave of malicious emails attempting to install the Dyreza malware on their computers.
Security firm Bitdefender claims that RBS, Lloyds Bank and Santander customers are also receiving the emails, which direct them to websites with “highly obfuscated” JavaScript code, which installs the Trojan.
The company claims that 30,000 of these emails were sent in a single day from servers in the UK, France, Turkey, US and Russia, with the aim of stealing victims’ online banking credentials.
“It installs itself on the user’s computer and becomes active only when the user enters credentials on a specific site, usually the login page of a banking institution or financial service,” said Bitdefender’s chief security strategist Catalin Cosoi.
“Through a man-in-the-browser attack, hackers inject malicious JavaScript code, which allows them to steal credentials and further manipulate accounts – all in a completely covert way.”
Dyreza isn’t a new cyber-threat: it was first detected by online security firms in 2014. Then, as now, its main delivery method was emails designed to look like communications from banks, including PDF attachments.
The Trojan has been compared to Zeus, the notorious malware that infected tens of thousands of computers around the world in 2009. One of the most concerning aspects of Dyreza – also known as Dyre – is its ability to bypass the SSL security used by online banking services.
Cosoi also warned that users may be held responsible for any losses caused by their computers becoming infected by Dyreza.
“Considering the malware’s behaviour, it is worth pointing out that mitigating this vulnerability does not lie in the hands of the financial institutions targeted, but in the user’s own actions,” he said.
“It’s like using a public computer from an internet café to pay your bills - if you forget to log out from your account, anyone can access it and transfer money to their own pockets.”
