EMC Corp.'s RSA Security unit has introduced a service that spots "Trojan Horse" viruses.
The FraudAction Anti-Trojan service, which it announced Thursday, is designed to zero in on the sites fraudsters use to distribute the viruses and that collect data from them. RSA said these viruses have proliferated in response to banks' use of strong authentication software.
The so-called Trojans lurk quietly on a victim's computer until after it has been logged in to a financial Web site, then transmit the log-in details to a fraudster who can use the information later to gain access to the account.
The RSA service uses data from antivirus companies that track the spread of malicious software. With this information, RSA can find Web sites that distribute Trojans and places that serve as "drop sites" for the stolen account data.
RSA can try to shut down the distribution sites. And "we will shut those drop sites down to mitigate the harm" caused by Trojans that have already infested home computers, said Marc Gaffan, RSA's marketing director for the consumer solutions group.
The unit has begun testing the service, though Mr. Gaffan would not say which financial customers are doing the testing nor which antivirus companies are supplying Trojan data.
The service has spotted six to 10 families of Trojan viruses aimed at financial companies, he said, and since each family can have dozens of variants, several hundred distinct viruses may be targeting banks. RSA said it knew of just four or five families of financial Trojans six months ago.
Gwenn Bezard, a research director at Aite Group LLC in Boston, called RSA's service "very important. It was definitely a missing piece in their arsenal." The use of Trojans in financial scams is "definitely a growing trend," he said, and consumer antivirus software is insufficient to combat it.
Though antivirus companies are aware of Trojans targeting banks, they consider them less dangerous than viruses that can cause noticeable damage to users' computers, he said.
"They are going to focus on the most visible threats, the stuff that disrupts PCs," Mr. Bezard said. Businesses and consumers are most vocal about these because they do not notice the damage being caused as Trojans silently steal their data.
