New Virus Raids Your Bank Account
It used to be that viruses were all about annoying popups or deleting important windows files, or redirecting all your searches to porn sites. Not anymore. Virus makers have grown up, and these days, it’s all about the money.
Take the new “SpyEye” Trojan that an Israeli based Security firm Trusteer found a few weeks ago. This sneaky little virus will wait for you to log into your bank webpage, then steals your credentials. It tricks you into giving it your debit card information, and hijacks your account. Pretty standard for a financial virus so far, right? Here’s where it gets real scary.
SpyEye uses advanced track covering techniques. First, it monitors all the transactions the criminal makes, then it changes the characters on the infected machine to erase all evidence of the transaction, giving the criminal time to push the money to his own ends, and the consumer has no idea. The virus doesn’t actually change the bank systems, just what is displayed on the infected machine’s web browser, meaning the only person who would know about the attack is the consumer if he happened to check his balance at an uninfected machine, or at an ATM.
The virus’ evidence wiping is “a very scary tactic,” said Avivah Litan, a financial fraud analyst at consulting firm Gartner. “Everybody thinks all they have to do is check their transactions and their balances. That’s not true anymore.” He goes on to say how important it is for consumers to report virus attempts and infections, as they’re still a staple in following the latest hacking trends.
“Most banks let the first transaction through, because if they stopped everything that was potentially fraud, consumers would get annoyed,” she said. In most cases this lets the criminals get their one important transaction through, and they usually only steal from an account once.
Evidence covering techniques have been used by viruses in the past. A simpler version of the virus helped criminals stay undetected with the same web interception trick, but this Trojan has a better potential for success, because it involved third party debit card used and multiple banks and multiple security systems.
Basically, if you have financial malware on your computer, it’s game over. Regular virus screenings will help combat this, as stopping the virus before it strikes is the most effective way to deal with fraud in the first place.