Antivirus-evading bank malware surges

CYBER CRIMINALS ARE SENDING more banking trojans to computers worldwide, with a huge increase in the number of infections detected over the last two weeks, according to security firm Symantec.

Malware researchers noticed a massive increase in spam containing polymorphic malware, a type of virus that constantly changes its appearance to avoid being detected by antivirus software, Krebsonsecurity reported.

Symantec also identified a surge in this form of malware, jumping from 18.5 per cent in August to 72 per cent in September, which shows a sharp change from traditional malware to this more sophisticated form that appears to be netting criminals significantly more money than more familiar trojans and viruses.

A common tactic employed by the spammers is to send a message that looks like a failed Automated Clearing House (ACH) payment sent by NACHA, the not-for-profit electronic payments association. When the attachment is clicked on it installs a trojan, usually a variant of Zeus, which steals bank details and funds.

Some recent victims of these attacks include the Oncology Services of North Alabama, part of the Centre for Cancer Care, which lost $120,000, the North Putnam Community School Corporation, which lost $98,000, and the City of Oakdale, California, which lost $118,000.

All of these have received refunds or are awaiting payouts from their insurance companies, but it's still a costly affair, as there are insurance fees, hikes in premiums, and, of course, the cost of ratcheting up security at both the companies and the banks.

Another growing trend is malicious emails that pretend to be sent from smart printers and scanners containing a zipped file containing what appears on the surface to be a scanned document. The file is an executable trojan, however. Many of these attacks even look like they came internally from company colleagues.

The problem with this form of sophisticated malware is that it can easily evade many antivirus scans, which means that we cannot rely on technology alone to ensure that our computers and bank details are safe.

Human vigilance will remain the primary defence against these kinds of attacks, which usually bait people into installing the trojans in the first place. Until people become more aware of the threats out there, we are bound to hear of many more incidents of virtual bank heists. µ