SpyEye Trojan Targeting Verizon's Online Payment Page
Recently, Trusteer, a network security firm highlighted that, the telecom major Verizon's online payment service has been attacked by the Spy Eye Trojan that places user's payment card and other private information at risk, if the user is a Verizon client, as reported by Examiner on May 18, 2011.
Malware on the victim's system installs a counterfeit billing page after user have logged into his personal account. The page asks for private financial details which are further dispatched to the attacker and utilized for frauds related to credit card fraud.
Trusteer highlighted that, the Trojan alters the pages presented on the victim's web browser and in this specific instance the injected HTML (the code for building Web pages) was utilized to capture payment card-associated data.
Commenting on the matter, Amit Klein, Chief Technology Officer at Trusteer, stated that, the attack is apparent to Verizon clients as the malware waits for the user to log in and access their billing page and only then adds a genuine looking fake web page that asks for private information, as reported by Examiner on May 18, 2011.
He further stated that, as the user has logged on and has navigated through the recognizable billing page, they hold no good reason to believe that this request for payment information is actually fake.
The compromised information includes: First name, last name, City, Street address, state, zip, phone type, phone number, e-mail address, Social Security Number, Mother's Maiden Name, Date of Birth, country of citizenship, Card number, expiration date and CVV.
The SpyEye Trojan makes use of rootkit technology to conceal its existence on the compromised system. Moreover, SpyEye disables with antivirus and other security software to further avert detection. The SpyEye Trojan incorporates a keylogger to steal keystrokes typed on the compromised machines. SpyEye launches a man-in-the-browser attack, downloading malware into Internet Explorer, Chrome, Firefox, as well as Opera.
Conclusively stated that, with the rising occurrence of payment and credit card theft attacking the online properties of service providers, and e-commerce vendors, the payment card industry should take a close view at endpoints as the emerging "weak link" in safeguarding card data against frauds and scams," as reported by HELP NET SECURITY on May 18, 2011.
Related article: SAP Admits the Charges of Downloading Oracle’s Data
» SPAMfighter News - 30-05-2011