Crimeware: A New Round of Confrontation Begins

Author: Yury Mashevsky
minute read

By Yury Mashevsky (Securelist.com)

This article provides an analysis of recent developments regarding attacks launched by malicious programs against the clients of financial organizations. This article will focus primarily on the struggle for control between financial malware, also known as crimeware1, and the antivirus industry and will also examine the confrontation arising between crimeware and the financial sector as a whole.


This article provides an analysis of recent developments regarding attacks launched by malicious programs against the clients of financial organizations. This article will focus primarily on the struggle for control between financial malware, also known as crimeware1, and the antivirus industry and will also examine the confrontation arising between crimeware and the financial sector as a whole.

This article will not stop to look at the methods employed to infect users’ computers, nor will it detail the other malign tactics, such as phishing and social engineering, etc. used by the cybercriminals against financial organizations. Whilst these topics remain as hot as ever, they have been addressed in detail elsewhere in previously published articles. For example, here is one such piece written by a colleague: Attacks on banks.

This article aims to answer the question – is it possible to effectively stem the tide of malware targeting the financial industry under present day conditions?

This article is aimed primarily at experts and specialists working in financial institutions, as well as IT professionals with an interest in this particular area.

Before we proceed any further, let me first emphasize that all of the financial organizations’ ratings included in this article do not in any way reflect their reliability (or lack thereof) and have no correlation whatsoever to their vulnerability relative to other market players. These ratings often depend on the popularity of the system that a user happens to be working with. It would be inappropriate to draw any conclusions about the reliability of a bank’s security system based on the materials referenced below.

Cybercriminals on the offensive

More and more frequently these days, we hear about successful attacks perpetrated by the cybercriminals against the clients of financial organizations. More often than not, these malware-based attacks follow a well-trodden path: the search for a suitable victim and the infection of their computer, the theft of their online banking login credentials, followed by the subsequent withdrawal of the victim’s funds.

One recent classic example comes from the Zbot-toolkit family , which is also known as ZeuS.

READ THE FULL STORY (Securelist.com)

Suggested articles

Hey Alexa, Who Am I Messaging?

Research shows that microphones on digital assistants are sensitive enough to record what someone is typing on a smartphone to steal PINs and other sensitive info.

2
Cybersecurity for your growing business
Cybersecurity for your growing business

Topics

Show all

Authors

Threatpost

InfoSec Insider

Infosec Insider Post

Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.

Sponsored

Sponsored Content

Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.