Silicon reports that cyber-criminals are surfing into online banks.
Password-stealing Trojan horses used to be all the rage. The software would nestle itself on a PC after opening a bad email attachment or visiting a malicious website. But in response to the increased adoption of stronger authentication, cyber criminals are changing their tactics, according to Alex Shipp, a senior antivirus technologist at MessageLabs.
During a panel discussion at the RSA Conference 2006 on Thursday, Shipp said: "We have recently seen a move away from stealing username and passwords." The new "bank-stealing Trojans" wait until the victim has actually logged in to their bank. "It then just transfers the money out."
Shipp said: "All of the authentication, little keys you have to have in your hand, biometrical things, it doesn't matter. The bad guy just waits until you're there and then takes the money out."
This new type of Trojan is on the rise and is currently number three on the list of most common threats, according to Shipp. The most-seen threat today is remote control code used to maintain networks of zombie PCs, or botnets, he said. Second are phishing scams, which seek to dupe computer users into giving up personal information, according to Shipp.
The bank-stealing Trojans are programmed to work with specific online banking websites, he said. "I come from Britain; we only have four banks," he added. "The bad guys are adding more and more banks every day."
The malicious software typically arrives in an email with an apparently innocent web link, for example, to an online greeting card. Shipp said: "If you click on it, you will download an executable that installs itself into your browser and then just waits until you go to your bank site."