TrustDefender warns on a potentially devastating new trojan

According to the Australian IT security vendor, like ZeuS, the Carberp trojan is highly focused in what it does, and is already gaining gaining momentum with cybercriminals in Europe and the US.

TrustDefender says that financial institutions and enterprises should be wary of Carberp as it is challenging the highly successful transactional trojans – Zeus, Mebroot and Silentbanker – to become a leading malware security threat.

Whilst Zeus has been the leading class of malware for security attacks over the last 18 months, TrustDefender says it has observed a number of new malware players entering the market with an extensive new feature set and a distribution network that challenges existing trojan detection software.

Andreas Baumhof, the firm's chief technology officer, said that Carberp appears to be purpose built and has evolved in sophistication at a rapid rate.

"TrustDefender anticipates Carberp will further develop and could morph into a problematic threat from a financial, political and personal perspective", he said, adding that this demonstrates how quickly the bad guys are innovating new sophisticated threats.

Carberp was first seen by Baumhof's researchers back in May of this year, but the firm says its experts have recently witnessed the increasing sophistication of the trojan, which is evolving at a very rapid rate.

One of the most interesting aspects of Carberp, says TrustDefender, is its ability to disable other trojans so they do not interfere with its attack methodology, and more importantly, making sure they do not send any stolen information to rival cybercrime gangs.

Other features include the ability to run without needing admin access to the machine to be infected, as well spanning Windows XP, Vista and Windows 7 platforms.

The trojan is billed as injecting dynamic HTML overlays into any banking session, similar to the methodologies of Zeus, Gozi and Spyeye, with the aim of working around dynamic authentication schemes such a two-factor authentication.

Baumhof says that the evolution of trojans like Carberp highlights that the malware problem is here to stay and the situation will, he predicts, only get worse with malware reaching out to new areas such as Windows 7, Apple Mac and mobile devices.

"This highlights the need for financial institutions and enterprises to provide appropriate security for their users so the end user's device is fully protected", he said.

"This obviously also applies for cloud-based applications. Whilst trojans such as Zeus and Mebroot are successful and high profile, the bad guys obviously wish to stay under the radar", he added.

What’s Hot on Infosecurity Magazine?