According to data extracted by the AhnLab Packet Center, 48% of all SpyEye domains and hosts were found to be located in the US. Surprisingly, only 7% of SpyEye domains and hosts are located in Russia, and only 6% are in Ukraine.
AhnLab cautioned North American financial institutions and users to “remain vigilant” for SpyEye attacks given the concentration of domains and hosts in the US.
Since the SpyEye toolkit first became public in 2010, many variants have been produced. According to analysis by the AhnLab, the “10310” variant was identified as the most distributed version at 34.5%, with the “10299” and “10290” variants a distance second and third at 14.7% and 14.6%, respectively.
Perhaps not surprisingly, AhnLab offers an online security product to combat banking fraud trojans. The product has four components: a secure browser, which creates a protected environment for online transactions; an anti-keylogger, which prevents theft of personal banking data during input via a keyboard; a firewall, which detects and blocks unauthorized intrusions, hacking attempts, and leakage of personal information; and anti-virus/spyware, which secures online transactions against malicious codes with a cloud-based security technology.