Most Dangerous Malware That Can Empty Your Account
A recent report indicated that North Korea cyber warriors were attacking banks in Nigeria and about 17 other countries.
At the beginning of June 2014, a large international effort, named Operation Tovar, involving the United States and European enforcement agencies and security firms worldwide, blocked the spread of Zeus Gameover botnet and managed to control servers that were important for CryptoLocker, the well-known ransomware, which encrypts system files and demands a ransom in exchange for the decryption key.
Gameover Zeus and Cryptolocker are some of the most well-known pieces of malware that target financial data, but there are many other variants and types of credential stealing Trojans out there that you need to pay attention to.
Here is a list of some of the most dangerous financial malware out there:
Zeus, also known as Zbot, is a notorious Trojan, which infects Windows users and tries to retrieve confidential information from the infected computers. Once it is installed, it also tries to download configuration files and updates from the Internet. The Zeus files are created and customised using a Trojan-building toolkit, which is available online for cybercriminals.
Zeus has been created to steal private data from the infected systems, such as system information, passwords, banking credentials or other financial details, and it can be customised to gather banking details in specific countries and by using various methods. Using the retrieved information, cybercriminals log into banking accounts and make unauthorised money transfers through a complex network of computers.
Zbot/Zeus is based on the client-server model and requires a Command and Control server to send and receive information across the network. The single Command and Control server is considered to be the weak point in the malware architecture and it is the target of law enforcement agencies when dealing with Zeus.
In 2009, security analysts found that the Zeus spread on more than 70,000 accounts of banks and businesses, including NASA and the Bank of America.
- Zeus Gameover (P2P) (Zeus family)
Zeus Gameover is a variant of the Zeus family, the infamous family of financial stealing malware, which relies upon a peer-to-peer botnet infrastructure.
Zeus Gameover is used by cybercriminals to collect financial information, targeting various user data from credentials, credit card numbers and passwords to any other private information, which may prove useful in retrieving a victim’s banking information. GameOver Zeus is estimated to have infected one million users around the world.
- SpyEye (Zeus family)
SpyEye is a data-stealing malware (similar to Zeus) created to steal money from online bank accounts. This malicious software is capable of stealing bank account credentials, social security numbers and financial information that can be used to empty bank accounts.
This banking Trojan contains a keylogger that tries to retrieve login credentials for online bank account. The attack toolkit is popular among cybercriminals because it can be customised to attack specific institutions or target certain financial data.
SpyEye is able to start a financial transaction as soon as a targeted user initiates an online operation from his bank account.
- Ice IX (Zeus family)
Ice IX is a modified variant of Zeus, the infamous banking Trojan, one of the most sophisticated pieces of financial malware out there.
This modified variant is used by cybercriminals with the same malicious purpose of stealing personal and financial information, such as credentials or passwords for the e-mail or the online bank accounts.
Like Zeus, Ice IX can control the displayed content in a browser used for online banking websites. The injected web forms are used to extract banking credentials and other private security information.
Ice IX, the modified version of Zeus, improved a few Zeus capabilities. The most important one is a defence mechanism to evade tracker sites, which monitor at present most Command and Control servers controlled by Zeus.
- Citadel (Zeus family)
Citadel appeared after the source code of the infamous Zeus leaked in 2011. Due to its open source character, the software code has been reviewed and improved by IT criminals for various malware attacks.
For cybercriminals, it is an advanced toolkit, which they can use to trick users into revealing confidential information and steal banking credentials.
- Carberp (Zeus family)
Carberp is a Trojan designed to give attackers the ability to steal private information from online banking platforms accessed by the infected PCs.
This Trojan’s behaviour is similar to the other financial malware in the Zeus family and displays stealth abilities from antimalware applications. Carberp is able to steal sensitive data from infected machines and download new data from Command and Control servers.
This Trojan is one of the most widely spread financial stealing malware in Russia. Primarily targeting banking systems and companies which perform a high number of financial transactions.
ENJOY FREE CONTENTS FROM US
IN YOUR EMAIL
Breaking News, Events, Music & More
Thank you for subscribing.
Something went wrong.