Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

Virgin Media works with SOCA on 1,500 SpyEye infections

According to the ISP, it has written to the infected customers and advise them on how to solve the infection.

Jon James, Virgin's executive director of broadband, said that, with the increasing numbers of people getting online and a nation reliant on broadband, consumers are looking for more from their service providers to give them the confidence their online world is safe.

"We are taking this pro-active approach to help protect our customers and to provide them the support and advice they need to stay safe online so that they can enjoy the best of the internet without the worry", he said.

Lee Miles, SOCA's head of cybercrime, said that the agency welcomes steps taken within industry to use the information and resources provided by law enforcement and raise awareness of online safety.

"It is equally important, though, for consumers to help protect their finances and personal information by ensuring their computers are equipped with up-to-date security software. Complementing the practical advice and support Virgin Media provides to its customers, internet safety information is freely available at getsafeonline.org", he said.

Reaction to news that Virgin has been working with SOCA on customers whose PCs are infected has been positive.

Amit Klein, CTO of Trusteer, said that, whilst the SOCA investigation may be viewed as invasive by some observers, there is a strong reason for all ISPs to work with law enforcement and security professionals in a similar way.

There is, he says, a strong case for blocking all traffic, and for HTTP traffic to display a warning message, which would ensure that most of the affected users would be on the phone to the Virgin helpline in double-quick time.

"And it would also help to minimise the financial losses that these poor customers would experience if they had to wait until the ISP wrote to them – assuming they opened the letter of course", he said.

The problem with simply writing letters to the affected line owners is that they may be landlords, and it is their tenants that need to be advised of the serious security problem, he went on to say.

Klein argues that an internet lockdown strategy would serve the dual purposes of alerting users on the broadband circuit that there were serious security problems and so force them to call in, as well as helping to prevent further potential losses to cybercriminals as a result of the infections.

Nigel Hawthorn, vice president of EMEA with Blue Coat Systems, said that sending letters to customers rather than emails seems to be an odd response to such a serious situation that could see customers bank accounts compromised.

"With a malicious virus such as this, the user could be a victim at any time and the delay in sending and actioning a letter leaves them open to serious attack", he said.

Over at Dell SecureWorks, Don Smith, the firm's vice president of engineering and technology, said that the SpyEye trojan continues to become an increasingly popular choice as a toolkit for criminals looking to profit from online financial fraud.

"This continuous evolution necessitates monitoring new versions of SpyEye, SpyEye configurations, and any new plugins that are incorporated by individual customers to obtain a full view of the threat landscape posed by SpyEye", he said.

"As a result, comprehensive monitoring of networks 24-7 in real-time, across multiple levels of security is vital so that organisations have a clear picture of what's going on both in and outside their networks", he added.

"Having a true 360 degree view of your network increases the chances of combating sophisticated and targeted attacks at any security layer."

What’s Hot on Infosecurity Magazine?