Security news11 November 2004
UK online bank accounts put at risk by new Trojan, reports Sophos
 |
| The Trojan horse steals data from online bankers, allowing hackers to empty bank accounts. |
Security researchers at Sophos are warning of a new Trojan horse which helps criminals break into the accounts of British internet banking customers. The Troj/Banker-AJ Trojan targets users of online banks such as Abbey, Barclays, Egg, HSBC, Lloyds TSB, Nationwide and NatWest.
Troj/Banker-AJ lies dormant in the background on infected Windows PCs, waiting for computer users to visit legitimate online banking websites. Once it notices the computer has visited one of a number of banking websites it springs into action, capturing passwords and taking screenshots. This information is then relayed to remote hackers who can use it to break into the bank accounts of innocent users and steal their money.
In the past, Sophos has monitored this technique being used by criminals wanting to break into Brazilian online bank accounts, but now there is growing evidence of the same trick being attempted on UK shores.
"People are increasingly aware of the threat from phishing emails which direct innocent users to fake banking websites in order to capture personal details, but this Trojan is different - it waits until the user visits a real banking website and then surreptitiously monitors the login process. It's like having a mugger looking over your shoulder as you type in your PIN number," said Graham Cluley, senior technology consultant at Sophos. "But computer users needn't panic - deploying and updating anti-virus software will provide protection from this latest menace."
Sophos recommends that companies protect their email with a consolidated solution to thwart the virus and spam threats as well as secure their desktop and servers with automatically updated anti-virus protection.
