Trojan Variant Infecting Singapore Banks

According to news reports from ZDNet Asia published on June 3, 2009, a newly found Trojan program is attacking accountholders of local banks in Singapore.

The Trojan that infects a computer redirects the end-user onto a phony bank site, while the malware steals the user's actual login details. Actually, on the phony site, the user is asked to fill up a third space apart from the normal spaces for username and 'personal identification number.' At this point, the browser seems as if it is stuck; so the user is suggested that he re-submit his log-in details a number of times, till the Trojan intercepts them all.

Besides, state the security specialists that scammers might trade off the stolen account details to other criminals for cash on the forums for cyber-crime for the data to be subsequently exploited.

Reportedly, three major area banks, OCBC Bank, UOB (United Overseas Bank) and DBS Bank were warned about the Trojan late in May 2009.

Responding to it, OCBC and DBS banks wrote in their security advisories that there was an affiliation between the Trojan and "Banker." DBS even added links pointing to the websites of security companies like Symantec and McAfee that recognize the Trojan as Infostealer.Banker.C and PWS-Banker.cz separately.

Meanwhile, both McAfee and Symantec described the Trojan as low risked. On May 8, 2009, when Symantec last made the profile up-to-date, it found that the total infections counted less than 50 as well as said that it was 'easy' to arrest the threat despite the malware according a 'medium' level damage. In time, McAfee too issued details of PWS-Banker.cz on May 22, 2009, saying that the threat posed low risk to both home and corporate users.

Furthermore Symantec, when asked, could not give any detail about the region-wise proliferation of the attacks, but said that the threat was capable of affecting any customer of a bank irrespective of the kind of service the bank offered or the place where it was located.

Notably, a spokesperson of UOB said that the bank had confirmed news that the Trojan never targeted its website. ZDNet Asia reported this.

Related article: Trojans to Target VoIP in 2006

» SPAMfighter News - 6/8/2009