|The Trojan horse steals data from online bankers,
allowing hackers to empty bank accounts.
Security researchers at Sophos are warning of a new Trojan horse
which helps criminals break into the accounts of British internet
banking customers. The Troj/Banker-AJ Trojan
targets users of online banks such as Abbey, Barclays, Egg, HSBC,
Lloyds TSB, Nationwide and NatWest.
Troj/Banker-AJ lies dormant in the background on infected
Windows PCs, waiting for computer users to visit legitimate online
banking websites. Once it notices the computer has visited one of a
number of banking websites it springs into action, capturing
passwords and taking screenshots. This information is then relayed
to remote hackers who can use it to break into the bank accounts of
innocent users and steal their money.
In the past, Sophos has monitored this technique being used by
criminals wanting to break into Brazilian online
bank accounts, but now there is growing evidence of the same
trick being attempted on UK shores.
"People are increasingly aware of the threat from phishing
emails which direct innocent users to fake banking websites in
order to capture personal details, but this Trojan is different -
it waits until the user visits a real banking website and then
surreptitiously monitors the login process. It's like having a
mugger looking over your shoulder as you type in your PIN number,"
said Graham Cluley, senior technology consultant at Sophos. "But
computer users needn't panic - deploying and updating anti-virus
software will provide protection from this latest menace."
Sophos recommends that companies protect their email with a
consolidated solution to thwart the virus
and spam threats as well as secure their desktop and servers with
automatically updated anti-virus protection.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.