UK online bank customers under attack

According to browser security supplier Trusteer the malware, which steals online banking passwords and numbers, is detected by less than 20% of anti-virus systems.

Two pieces of regional malware targeted at UK banks have been detected by Trusteer. Silon.var2, resides on one in every 500 computers in the UK compared to one in 20 000 in the US, while Agent.DBJP, has been detected on 1 in 5000 computers in the UK compared to 1 in 60 000 in the US.

Trusteer said it has also discovered two UK-specific Zeus botnets. "Although Zeus is the most known piece of financial malware, the uniqueness of these botnets is that they only consist of UK-based computers and only target UK-based banks. Hence these variants are less likely to be detected by anti-virus solutions."

It said the criminals are using UK centric spam lists and compromised websites based in the UK to spread the malware that targets bank customers.

"This indicates a shift in financial criminal activity and requires some special attention from financial organisations. Unlike known malware kits such as Zeus, Torpig, and Ambler which simultaneously target hundreds of banks and enterprises around the world and are on the radar of all security vendors, regional financial malware such as Silon.var2 and Agent.DBJP are highly targeted said Mickey Boodaei, CEO at Trusteer.

"In the UK, each campaign would usually focus on 3 to 7 banks and target them for a period of 6 to 9 months and then morph and change the list of targets, using a new more advanced version of the malware."

This story was first published by Computer Weekly

What’s Hot on Infosecurity Magazine?