Banking Malware Attacks Escalate, But Banks Combating Them Hard

According to researchers at cyber security company RSA, while malware attacks against banking customers rose ten times during 2008, banks (by using multiple defense approaches) are successfully blocking the number of such attacks.

Cyber criminals have managed to enhance their abilities to exploit security flaws in browsers so that more infections could be transmitted to website visitors even in the absence of user-interaction.

However, Internet banking fraud isn't growing at fast pace. For instance - it is growing at 55% in the UK compared to the overall rise in malware infections at 1,000%.

Uri Rivner, Chief of New Consumer Identity Safeguards at RSA, which is EMC's security division, states that the main strategy of the financial sector is to use several approaches of dynamic and adaptive defense, as reported by ComputerWeekly on October 22, 2009.

According to Rivner, the financial services sector realizes the greater efficacy of multiple defense approaches over just one technology to combat online-crime.

Besides, computer hackers are devising new methods for theft of information such as contaminating genuine Internet sites with data stealing viruses and developing fake security applications that appear authentic but actually carry malware, warned security specialists.

RSA also said that there were several thousand genuine websites contaminated with malware. Indeed, the company is currently observing a rise in compromises through the password-stealing Sinowal or Torpig Trojan. This Trojan has been prevailing since mid-2007 and infecting authorized websites, it stated.

According to RSA, cyber criminals are adopting e-mails and online ads to employ unwitting assistants for money-laundering. These schemes involving work-at-home jobs provide people good commissions if the employees allow their bank accounts to be utilized for illicit payment processing. Actually, the processors of such payments play the role of middlemen during the act of money-laundering where the funds are stolen out of hijacked bank accounts.

In addition, investigators recently tracked an Internet banking thieves' gang, which uses Trojan URLZone to steal funds from victims' bank accounts and to subsequently rewrite their bank statements. This new technique effectively covers the accounts belonging to the gang's money-mules.

Related article: Banking Sector Hacked by phishing Sites

» SPAMfighter News - 11/3/2009