SpyEye Threat for Banks within USA Increasing
Researchers from AhnLab, an Internet security company based in Korea, recently stated that the URLs and domain hosts used to spread the SpyEye banking Trojan were located mainly in the USA, Infosecisland.com reported on March 28, 2012.
A French security researcher known as 'Xyliton', a member of the group RED (Reverse Engineers Dream), leaked the source code of SpyEye, which previously only malicious attackers could obtain from the underground economy at a steep cost of around $10,000.
According to SpyEye host data extracted by AhnLab's Packet Center, 48% of all URLs serving SpyEye were located in the USA, followed by Russia and Ukraine with 7% and 6% respectively. The findings also indicate that SpyEye chiefly targeted entities inside the USA, and that end-users and financial institutions in North America must be particularly vigilant.
The most widely propagated SpyEye variant was 10310, at 34.5%, followed by variants 10299 and 10290 with 14.7% and 14.6% of all infections respectively. More variants are anticipated, the security company says.
Security experts from F-Secure, another security company, recently published the names of the 40 banks most targeted by SpyEye. The top 5 were commerzbanking.de, postbank.de, targobank.de, bankofamerica.com and fiducia.de, in that order.
Furthermore, M. Hyykoski, a security analyst at F-Secure, stated that the SpyEye variants aimed attacks at banks through the webinject.txt plug-in. The company gathered 1,318 samples, which corresponded with those collected by the SpyEye Tracker RSS feed. F-Secure researchers also found that this set of samples contained 632 bank URLs, with the commerzbank.com URL attacked most, Hyykoski said, as reported by Infosecisland.com.
F-Secure also studied the ZeuS Trojan alongside SpyEye. Both are infamous bank information-stealing Trojans with which thieves have siphoned over $100m worldwide. And while ZeuS is widely believed to be one of the most dangerous pieces of malicious software ever to emerge in cyberspace, many versions of it are still propagating.
» SPAMfighter News - 05-04-2012