Germany’s BKA Cautions about Fresh Internet Banking Malware

BKA the German Federal Criminal Police lately alerted computer-users to one fresh malware strain that waits on Windows PCs until the user accesses his Internet bank account when the malware effectively intercepts his login details, thus published ESecurity Planet in news on July 28, 2011.

Following the interception, as the malware manages to log into the Internet bank account of the victim, it shows a message purporting to be from his bank telling that an amount has been inadvertently credited to his account which has been accepted. Therefore, he should instantly make a reverse transfer and get his account unlocked, the message adds.

Essentially, describing the malware, Brian Krebs ex-employee of Washington Post said that it provided a form for online transfer that was already filled out with the routing as well as account numbers related to certain bank account apparently under the regulation of the attacker. ESecurity Planet published this.

Moreover, as the malware proceeds with its activity to the next stage, it manipulates the website, exhibiting the banking account's balance fund thus displaying the credited amount supposedly accepted.

And as the victim believes the message and voluntarily makes the transfer, the amount really ends up inside the financial account of the attacker since all defenses pertaining to the Internet banking turns futile. What's more, possibilities of the fund being retransferred to the victim also become slim.

Thus according to BKA in Wiesbaden, people getting this kind of message online mustn't initiate the transfer rather inform the police, as has been stated on July 29, 2011.

Interestingly, this assault represents a dangerous enlargement of the trick, which the URL Zone virus pioneered as it focused on influencing the money balances, which the affected users saw during their logging of personal bank accounts.

Meanwhile, nothing specific has been said about the malware, however, it's getting more-and-more frequent when banker Trojans add "Web injects," which are tailored plug-ins for overwriting the original website content inside victims' browsers.

In the end, security specialists recommend users that they must always maintain their OS and anti-virus up-to-date so that any new inbound malware can be blocked instantly.

Related article: Germany Restricts Anti-Hacking Legalization

» SPAMfighter News - 8/9/2011