May 11, 2010, 10:11AM
Crimeware: A New Round of Confrontation Begins
Comment 
By Yury Mashevsky (Securelist.com)
This article provides an analysis of recent developments regarding attacks launched by malicious programs against the clients of financial organizations. This article will focus primarily on the struggle for control between financial malware, also known as crimeware1, and the antivirus industry and will also examine the confrontation arising between crimeware and the financial sector as a whole.
This article will not stop to look at the methods employed to infect users’ computers, nor will it detail the other malign tactics, such as phishing and social engineering, etc. used by the cybercriminals against financial organizations. Whilst these topics remain as hot as ever, they have been addressed in detail elsewhere in previously published articles. For example, here is one such piece written by a colleague: Attacks on banks.
Editor's Pick
This article aims to answer the question – is it possible to effectively stem the tide of malware targeting the financial industry under present day conditions?
This article is aimed primarily at experts and specialists working in financial institutions, as well as IT professionals with an interest in this particular area.
Before we proceed any further, let me first emphasize that all of the financial organizations' ratings included in this article do not in any way reflect their reliability (or lack thereof) and have no correlation whatsoever to their vulnerability relative to other market players. These ratings often depend on the popularity of the system that a user happens to be working with. It would be inappropriate to draw any conclusions about the reliability of a bank's security system based on the materials referenced below.
Cybercriminals on the offensive
More and more frequently these days, we hear about successful attacks perpetrated by the cybercriminals against the clients of financial organizations. More often than not, these malware-based attacks follow a well-trodden path: the search for a suitable victim and the infection of their computer, the theft of their online banking login credentials, followed by the subsequent withdrawal of the victim’s funds.
One recent classic example comes from the Zbot-toolkit family , which is also known as ZeuS.
READ THE FULL STORY (Securelist.com)
Commenting on this Article is closed.
Today's Most Popular
- Attackers Using Fake Google Analytics Code to Redirect Users to Black Hole Exploit Kit
- Google Releases Beta of Chrome for Android
- Flash With Sandbox in the Works for Firefox
- DDoS Attacks Take on Political Motivations as Attackers Evolve
- Anonymous Leaks FBI, Scotland Yard Phone Call Detailing Hacking Investigations
Most Commented Stories
-
Mac OS X Sandbox Security Hole Uncovered (5)
-
Privacy Fail: Is Uncle Sam Encouraging Bad Security? (8)
-
Anonymous Leaks FBI, Scotland Yard Phone Call Detailing Hacking Investigations (5)
-
Flash With Sandbox in the Works for Firefox (4)
-
Apple Ships Huge Set of Patches for OS X (6)
Newsletter Sign-up
Take Our Poll
Follow Threatpost
 |  |  |  |
| Tumblr |
