Beware of Banking Trojans

Criminal gangs are after your money, and a few of them may be smart enough to get it.

Banking Trojans have been around since at least 2007 and they have become part of our everyday lives. In recent months, ZeuS Trojans have targeted to Finnish banks, resulting in financial losses for hundreds of customers. The success of these trojans has been startling and similar attacks are occuring around the globe.

How does a ZeuS Trojan work?

First, a trojan has to find a computer that is not fully protected. Once it infects a PC, the malicious software sits waiting until it is activated when a customer establishes an online connection to his or her bank.

When this happened to customers in Finland, they saw a message that said, “We are sorry, there is an error and we are working to fix it.” At that point the attack is a success. Personal information provided by the customers can then be exploited and cash transfers can then begin. Often customers do not even realize that they’ve been attacked until long after the transfers are made.

F-Secure’s Labs’ Threat Research Team has been investigating banking trojan cases for more than half of a decade. F-Secure’s Security Advisor Sean Sullivan says: “While Finnish banks have excellent safeguards and protections, we should remember that some of those protections are almost 20 years old. Cyber criminals have had plenty of time to work out new strategies.”

What can we do to protect ourselves?

Here’s Sean’s advice:

1) Don’t panic. It’s a real problem, but no more so than getting your pocket picked in the real world.

2) Keep your software up to date, and uninstall that which you don’t use. (e.g., Java). We recommend F-Secure’s Internet Security 2012, of course.

3) If you feel there’s something unusual about your online banking experience, call your bank and chat with their support. They are more than happy to help you!



CC image by: BFS Man

More posts from this topic


Why your Apple Watch will probably never be infected by malware

On Tuesday Apple announced its latest iPhone models and a new piece of wearable technology some have been anxiously waiting for -- Apple Watch. TechRadar describes the latest innovation from Cupertino as "An iOS 8-friendly watch that plays nice with your iPhone." And if it works like your iPhone, you can expect that it will free of all mobile malware threats, unless you decide to "jailbreak" it. The latest F-Secure Labs Threat Report clears up one big misconception about iOS malware: It does exist, barely. In the first half of 2014, 295 new families and variants or mobile malware were discovered – 294 on Android and one on iOS.  iPhone users can face phishing scams and Wi-Fi hijacking, which is why we created our Freedome VPN, but the threat of getting a bad app on your iOS device is almost non-existent. "Unlike Android, malware on iOS have so far only been effective against jailbroken devices, making the jailbreak tools created by various hacker outfits (and which usually work by exploiting undocumented bugs in the platform) of interest to security researchers," the report explains. The iOS threat that was found earlier this year, Unflod Baby Panda, was designed to listen to outgoing SSL connections in order to steal the device’s Apple ID and password details. Apple ID and passwords have been in the news recently as they may have played a role in a series of hacks of celebrity iCloud accounts that led to the posting of dozens of private photos. Our Mikko Hypponen explained in our latest Threat Report Webinar that many users have been using these accounts for years, mostly to purchase items in the iTunes store, without realizing how much data they were actually protecting. But Unflod Baby Panda is very unlikely to have played any role in the celebrity hacks, as "jailbreaking" a device is still very rare. Few users know about the hack that gives up the protection of the "closed garden" approach of the iOS app store, which has been incredibly successful in keeping malware off the platform, especially compared to the more open Android landscape. The official Play store has seen some infiltration by bad apps, adware and spamware -- as has the iOS app store to a far lesser degree -- but the majority of Android threats come from third-party marketplaces, which is why F-Secure Labs recommends you avoid them. The vast majority of iPhone owners have never had to worry about malware -- and if the Apple Watch employs the some tight restrictions on apps, the device will likely be free of security concerns. However, having a watch with the power of a smartphone attached to your body nearly twenty-four hours a day promises to introduce privacy questions few have ever considered.    

Sep 9, 2014
BY Jason
Aug 28, 2014
BY Jason