Newly Observed Malware Targets Online Banking: ESET

Print
Email
Reprints
Comment
Twitter
LinkedIn
Facebook
Google+

Researchers at a security firm in Slovakia are warning of malicious software they say can steal online banking credentials.

According to ESET, which makes anti-virus software for businesses and consumers, the malware hides in software that runs a majority of the world's websites.

Though the program, dubbed Linux/Chapro.A, can steal any type of content, in the scheme that ESET has identified the malware aims to steal information from customers of banks.

The code is said to inject a computer file into select web browsers that displays a request for the card verification value code, a series of three or four digits found on credit cards.

The malware camouflages itself and can relay the security code and user's credentials to computers commandeered by thieves.

"The program has many capabilities to evade detection by system administrators," Pierre Marc-Bureau, a security intelligence program manager at ESET, wrote Tuesday in a blog post. "Before serving malicious content to a visitor, multiple checks will be performed."

ESET says the version of Linux/Chapro.A it has observed targets banks in Europe and Russia, although the malware could be configured to attack U.S. banks.

According to Marc-Bureau, Linux/Chapro.A avoids detection by scanning the servers of potential targets to avoid injecting itself into systems on which administrators or web developers may be working.

Before injecting itself, the malware embeds a file in the victim's browser to ensure the malware will refrain from leaving digital footprints that come with repeated injections. The malware also maintains a roster of websites that have served malicious content. Users will receive the malware once even if they visit the site repeatedly.

The scheme, according to Marc-Bureau, "shows the increased complexity of malware attacks."

According to ESET, the malware can erase messages that banks may post that warn customers the bank will never ask them to enter card data.

ESET says it has not determined whether "the same group of people are behind the entire operation or whether multiple gangs collaborated" to deploy it.

The warning by ESET comes roughly a week after a researcher at McAfee said an operation conceived by two Russian hackers to steal information from customers at dozens of U.S. banks in the coming year may be credible.

JOIN THE DISCUSSION

SEE MORE IN

'The Law Penalizes the Consumers It Set Out to Protect': Comments of the Week

American Banker readers share their views on the most pressing banking topics of the week. As excerpted from the Comments sections of AmericanBanker.com articles.

(Image: Fotolia)

Comments (0)

Be the first to comment on this post using the section below.

Add Your Comments:
Not Registered?
You must be registered to post a comment. Click here to register.
Already registered? Log in here
Please note you must now log in with your email address and password.

The FinTech 100

FIS and Tata once again top the annual FinTech 100 list of vendors, ranked by revenue; IBM and Hewlett-Packard lead the pack of tech companies serving multiple industries; and Bionym and Silver Tail are among the 10 Tech Companies to Watch.
DAILY ENEWSLETTER UPDATE

A Newsletter featuring Bank Technology News' top stories plus special reports and data

This feature displays payments industry news and analysis from American Banker sibling brand PaymentsSource. Registration is required; for more information contact customer service.

TWITTER
FACEBOOK
LINKEDIN
Already a subscriber? Log in here
Please note you must now log in with your email address and password.