This article provides an analysis of recent developments regarding attacks launched by malicious programs against the clients of financial organizations. It focuses primarily on the struggle for control between financial malware, also known as crimeware, and the antivirus industry, and also examines the confrontation between crimeware and the financial sector as a whole.
This article will not stop to look at the methods employed to infect users’ computers, nor will it detail other malicious tactics, such as phishing and social engineering, that cybercriminals use against financial organizations. Whilst these topics remain as hot as ever, they have been addressed in detail in previously published articles. For example, here is one such piece written by a colleague: Attacks on banks.
This article aims to answer the question: is it possible to effectively stem the tide of malware targeting the financial industry under present-day conditions?
This article is aimed primarily at experts and specialists working in financial institutions, as well as IT professionals with an interest in this particular area.
Before we proceed any further, let me first emphasize that none of the ratings of financial organizations included in this article reflect in any way their reliability (or lack thereof), and they have no correlation whatsoever to their vulnerability relative to other market players. These ratings often depend on the popularity of the system that a user happens to be working with. It would be inappropriate to draw any conclusions about the reliability of a bank’s security system based on the materials referenced below.
Cybercriminals on the offensive
More and more frequently these days, we hear about successful attacks perpetrated by cybercriminals against the clients of financial organizations. More often than not, these malware-based attacks follow a well-trodden path: the search for a suitable victim and the infection of their computer, the theft of their online banking login credentials, and then the withdrawal of the victim’s funds.
One recent classic example comes from the Zbot-toolkit family, which is also known as ZeuS.
READ THE FULL STORY (Securelist.com)