Wednesday, 27 June 2012

New PC virus doesn't just steal your money - it creates fake online bank statements so you even don't know it's gone

http://www.dailymail.co.uk/sciencetech/article-2083271/SpyEye-trojan-horse-New-PC-virus-steals-money-creates-fake-online-bank-statements.html

 

New PC virus doesn't just steal your money - it creates fake online bank statements so you even don't know it's gone

  • Crimeware steals passwords from your browser
  • Cyber criminals use your debit card details to drain your account
  • When you visit your bank, it adjusts figures so the criminal transactions don't appear
  • Attack has been used in U.S. and UK

By ROB WAUGH
UPDATED: 20:17, 6 January 2012

Trojan

The new SpyEye 'trojan horse' software steals your card details - then when you log into your online bank, it adjusts your balance so you don't realise anything is wrong. It's already been found in the U.S. and the UK

A new version of the SpyEye 'trojan horse' software not only steals your money, it then offers false reassurance that it's still there.

When you visit your online bank, there will be no trace of the transactions that cyber-criminals are using to empty your bank account.

Worse, your balance will also be adjusted on screen so it looks as if nothing is happening. 

The attack - on Windows PCs - has already been detected in the U.S. and the UK.

The software - which steals your bank passwords to give access to your account - waits for you to enter the same banking details before 'adjusting' what you see.

The idea is that it gives thieves more time to use your debit card details on fraudulent transactions without you realising it's happening.

The first you'll learn of the attack is your bank refusing you money, or a paper statement showing you that cyber criminals have been draining money out of your account.

The new version of SpyEye has targeted banks in the U.S. and the UK.

Trusteer, a security company which detected the attack, says, 'The next time the victim visits their online banking site, the malware hides the fraudulent transactions, as well as artificially changing the total balance.'

 

 

'As a result, the deceived customer has no idea that their account has been ‘taken over’, nor that any fraudulent transactions have taken place.' 

The software, a variant on a commonly used cyber attack, has been 'tweaked' so that as well as its usual attack - grabbing passwords and login information from your web browser without you knowing, it also adjusts your balance when you next visit your bank's web page.

'SpyEye is a tweak of the Zeus crimeware kit that grabs web form data within browsers,' says the Naked Security blog at web security experts Sophos. 'This year, right before the recent holiday season, Trusteer found a hopped-up version of SpyEye attacking banks in the U.S. and U.K.

'The new Trojan, instead of intercepting or diverting email messages, hides bogus transactions even after users have logged out and then logged back into their accounts.'

'This version of SpyEye both hides the fraudulent transaction and masks the amount of the transaction, putting forward a fake balance and ensuring that victims are oblivious to anything being amiss.'

With hi-tech cyber attacks such as SpyEye, there are few visible signs that anything is wrong. 

There are defences, though - ensure your browser is up to date, manually updating it if necessary. 

You should also ensure that the 'anti-phishing' option is switched to 'on' in Firefox, Chrome or Internet Explorer, which will check for 'blacklisted' websites and prevent your browser being directed to the 'fake' version that delivers your bank statement.

Read more: http://www.dailymail.co.uk/sciencetech/article-2083271/SpyEye-trojan-horse-New-PC-virus-steals-money-creates-fake-online-bank-statements.html#ixzz1yzdT8YJx