Explore the latest news and trends  

Keep yourself up to date with one of the following options:

  • Explore more news around Spam/Phishing, Malware/Cyber-attacks and Antivirus
  • Receive news and special offers from SPAMfighter directly in your inbox.
  • Get free tips and tricks from our blog and improve your security when surfing the net.
Go

Password-Stealing Polymorphic Malware on the Rise

Security researchers caution that spam outbreaks consisting of "polymorphic malware" programmed for spreading banker Trojans that steal passwords are on the rise since recent months. Tgdaily.com published this on October 3, 2011.

Several companies were seemingly so tricked that they transferred money via polymorphic as well as other sinister malicious programs, such as North Putman Community School Corporation transferring $98,000, Oncology Services of North Alabama -$120,000 as well as California's City of Oakdale -$118,000.

Brian Krebs, a security researcher states that a well-known spam trick involves sending an e-mail crafted as appearing like a message from NACHA, an organization that doesn't seek profit while establishing operating guidelines benefiting companies which deal with electronic payments. Tgdaily.com reported this.

Krebs notes that it's "doubly insulting" to utilize NACHA's name as lure since victimized companies fast discover fresh employee names, who actually serve as money mules for others, strangely inserted into their payrolls.

Krebs elaborates that once the mules' names are inserted, the cyber criminals utilize the Internet banking credentials of the victimized companies for crediting the mules with illegitimate payroll payments. These mules then, as per instructions, withdraw that money and wire it overseas after retaining their commissions, the researcher adds.

The researcher further adds that these assaults are aborted not because of anti-virus scanning or high-tech PC systems, for the malware utilized isn't clear, albeit in the case of the fake NACHA e-mails, the messages carried an installer that dropped Trojan Zeus. Nonetheless, these assaults rely more on socially-engineered tricks against humans instead of security solutions and defeating technology, he continues. Krebsonsecurity.com reported this on October 3, 2011.

Krebs says that there isn't any lone technology or approach for preventing these 'account compromises,' however, to stop cyber-thieves from filching an organization's credentials for Internet banking is one crucial initial step. Hence it's advisable that SMBs have a PC maintained exclusively to conduct Internet banking, with that PC locked down and routinely made up-to-date. Alternatively, they can work with a non-Windows computer like a Mac or Live CD as a highly secured approach though it isn't necessarily very affordable or practical, he concludes.

Related article: Password Stealers Rising Alarmingly

ยป SPAMfighter News - 13-10-2011

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next