Experts Warn - Cridex Malware Robbing in Indian Cyberspace

Cyber security experts have alerted online banking users in India about a new 'worm' virus which is infecting and performing destructive activities.Efytimes.com published news on 11th February, 2015 stating that the virus is a variant of deadly Trojan which has been named Cridex and it is supposed to attack users of net-banking and steal their personal log-in-data.

Cridex Trojan seems to be more dangerous because it can assume six aliases to perform its activities.

Computer Emergency Response Team of India (Cert-In) in its latest advisory has alerted users of e-banking stating that variants of Cridex malware are expanding quickly. This Trojan is mainly expected to steal information from e-bankers through removable drives. Efytimes published news on 11th February, 2015 stating that even users of social media are also in the hit-list of this malware besides users of online banking.

The CERT-In is the nodal agency to fight phishing, hacking and to toughen security-related defenses of the Indian Internet domain.

When virus enters into the personal Internet working steam of an user, it spreads by opening a backdoor to download several malicious files.

Newsnation.in published news on 10th February, 2015 quoting an alert of the agency as "The malicious software makes web injects into the HTML pages of financial enterprises contained in the configuration just like other big banking Trojans. The Trojan directs the users to bogus banking websites for collecting their information and then connects to the bank's website from the IP address of the victim evading IP reputation blocking."

Some of the identified assumed names of this banking virus are 'Dapato', 'Geodo', 'Worm.Win32.Cridex', 'W32/Kryptik.BVB', 'Trojan.Gen.2' and 'PWS:Win32/Zbot' and can be seen by these names when they appear online.

The Cridex banking Trojan has been existing for more than two years now. Previously, crooks spread tactics with compromising legitimate website before using the notorious Blackhole Exploit Kit to inject Trojan into the vulnerable Windows in PCs of surfers also.

CERT-In advised Internauts: keep firewalls at desktop as well as gateway levels enabled, also update patches and fix it on the OS and apply software and AV and anti-spyware signatures at entry points.

» SPAMfighter News - 3/2/2015