Fresh Bank Credential-Stealing Trojan, ‘Odd Job’
Security investigators from Trusteer, a computer security company, said they identified a new Trojan named "Odd Job," which cyber-criminals used to rob Internet banking accounts of their cash without the real account owners knowing anything.
Trusteer highlighted that when users logged onto banking websites to carry out transactions, their requests were transmitted to remote C&C servers. The Odd Job criminal captured those requests from inside Firefox or IE and subsequently used them to steal the security authentication tokens, referred to as "session IDs," that were given to clients when they conducted Internet banking.
Once the criminal procured the "session ID," he assumed the guise of the actual client and remained logged in, with complete control over the victim's financial systems, even after the user closed his banking session.
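The session-ID reuse described above leaves traces a bank can look for on the server side. The following is an added example, not code from Trusteer or the original article: it scans web access-log lines for a session ID that is presented by more than one client or that is still in use after its logout request. The log format, field order, `/logout` path and all sample lines are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample access log: timestamp, client IP, session ID, path, user agent.
SAMPLE_LOG = """\
2011-02-22T10:00:01Z 198.51.100.7 S-1001 /login Firefox/3.6
2011-02-22T10:00:09Z 198.51.100.7 S-1001 /accounts Firefox/3.6
2011-02-22T10:00:30Z 203.0.113.50 S-1001 /accounts curl/7.21
2011-02-22T10:02:00Z 198.51.100.7 S-1001 /logout Firefox/3.6
2011-02-22T10:05:12Z 203.0.113.50 S-1001 /transfer curl/7.21
2011-02-22T10:01:00Z 192.0.2.14 S-2002 /login MSIE/8.0
2011-02-22T10:03:00Z 192.0.2.14 S-2002 /accounts MSIE/8.0
2011-02-22T10:04:00Z 192.0.2.14 S-2002 /logout MSIE/8.0
"""

def parse(log_text):
    """Yield one dict per well-formed line; malformed lines are skipped."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue
        ts, ip, sid, path, ua = parts
        yield {"ts": ts, "ip": ip, "sid": sid, "path": path, "ua": ua}

def find_suspect_sessions(log_text, logout_path="/logout"):
    """Return {session_id: [reasons]} for sessions showing signs of reuse."""
    # ISO-8601 UTC timestamps sort correctly as plain strings.
    events = sorted(parse(log_text), key=lambda e: e["ts"])
    clients = defaultdict(set)   # session ID -> {(ip, user agent)}
    logged_out = set()           # session IDs that already sent a logout
    findings = defaultdict(set)
    for e in events:
        sid = e["sid"]
        if sid in logged_out:
            findings[sid].add("used_after_logout")
        clients[sid].add((e["ip"], e["ua"]))
        if len(clients[sid]) > 1:
            findings[sid].add("multiple_clients")
        if e["path"] == logout_path:
            logged_out.add(sid)
    return {sid: sorted(reasons) for sid, reasons in findings.items()}

if __name__ == "__main__":
    print(find_suspect_sessions(SAMPLE_LOG))
```

A request that is accepted after logout also means the server did not invalidate the session ID when the user signed out; destroying the session server-side at logout and on a short idle timeout closes that window.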
Reportedly, Odd Job proliferates through e-mail attachments, drive-by downloads associated with contaminated websites, or poisoned software.
Amit Klein, Trusteer's Chief Technology Officer, observes that the company's security investigators have reverse engineered and taken apart the code of Odd Job, covering both the Trojan's attack techniques and the different banking institutions it targets. Softpedia.com published this on February 22, 2011.
Worryingly, during 2010, cyber-criminals caused severe damage to financial companies, credit unions and banks with the Zeus Trojan, in its different variants, stealing Internet banking credentials by infecting end-users' PCs. Consequently, the media covered everything associated with the Trojan extensively. Hence a few cyber-criminal syndicates have started experimenting with Trojans whose code can be customized to fulfil their specific requirements and to keep them out of focus, Trusteer explains.
Moreover, Trusteer observes that cyber-crooks from Eastern Europe are using Odd Job to attack victims in, for example, Denmark, Poland and the US.
It concludes that detailed research and examination are required to reverse engineer and take apart malicious software like Odd Job. However, as stated previously, banks along with their account holders should remain on guard, deploy software updates, remain wary of fresh attacks, and install supplementary security solutions capable of defending against emerging attack techniques, adds Trusteer. Trusteer.com published this on February 22, 2011.
» SPAMfighter News - 01-03-2011