|
| Trojan horses which capture keypresses can lead
to hackers emptying your bank account. |
Sophos sees threefold increase in keyboard-logging Trojan
horses
Experts at SophosLabsâ„¢, Sophos's global network of virus and
spam analysis centres, are warning computer users that they need to
be on their guard against keyboard-logging Trojan horses, as news
reports reveal that police have foiled an attempt to steal £220
million from the London offices of a Japanese bank.
Sophos warns that it is not just large banking corporations who
can suffer from hacking and software which captures keystrokes.
Small businesses and home users are vulnerable to Trojan horses and
worms which lurk in the background on PCs, spying on everything
that occurs on the computer - including secretly capturing every
keypress and sending them to criminal hacking gangs.
"Over the last year, we have seen a dramatic rise in the number
of new viruses, worms and Trojan horses designed to steal the
keystrokes of innocent computer users. Sophos's labs produce
protection daily against approximately 15 new pieces of malware
which include this sinister payload, compared to 5 a day a year
ago," said Graham
Cluley, senior technology consultant for Sophos. "The
information stolen by this kind of phishing attack can be
equivalent to someone watching over your shoulder as you type your
password into the computer. Hacking gangs are actively hunting for
vulnerable computers in order to steal information and empty bank
accounts."
According to media reports, a high-tech gang gained access
to the bank's computer systems. It has not been revealed how they
did this, nor - despite speculation in the press - confirmed if
they used a keyboard logging Trojan horse to spy on desktop
computers at the bank, capturing keypresses. The gang are said to
have planned to transfer money electronically to 10 bank accounts
around the world. Police in Israel are said to have arrested a man
whose account had been the intended recipient of some of the money,
but it appears the robbery failed and the bank suffered no
financial losses as a result of the hacking.
The British banking industry has published information about how
online bank customers can take steps to stay safe online at
www.banksafeonline.org.uk.
"More and more malware is being written by criminals, designed
to steal bank account information from innocent computer users,"
continued Cluley. "All internet users need to ensure their
computers are properly defended with the latest up-to-date
protection software, and make sure they are not putting themselves
in jeopardy."
Sophos recommends that companies protect their email with a
consolidated solution to thwart the virus
and spam threats as well as secure their desktop and servers with
automatically updated anti-virus protection. Additionally, computer
users should ensure they are defended by personal firewalls and the
latest Microsoft security patches.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.