nV News Forums

 
 

nV News Forums (http://www.nvnews.net/vbulletin/index.php)
-   Archived News Items (http://www.nvnews.net/vbulletin/forumdisplay.php?f=67)
-   -   Sophisticated botnet steals more than $47M by infecting PCs and phones (http://www.nvnews.net/vbulletin/showthread.php?t=198201)

News 12-06-12 07:10 AM

Sophisticated botnet steals more than $47M by infecting PCs and phones
 
http://cdn.arstechnica.net/wp-conten...bber-phone.jpg Behold'the Eurograbber, visualized.
Aurich Lawson / Thinkstock


A new version of the Zeus trojan'a longtime favorite of criminals conducting online financial fraud'has been used in attacks on over 30,000 electronic banking customers in Europe, infecting both their personal computers and smartphones. The sophisticated attack is designed to circumvent banks' use of two-factor authentication for transactions by intercepting messages sent by the bank to victims' mobile phones.

The malware and botnet system, dubbed "Eurograbber" by security researchers from Check Point Software and Versafe, was first detected in Italy earlier this year. It has since spread throughout Europe. Eurograbber is responsible for more than $47 million in fraudulent transfers from victims' bank accounts, stealing amounts from individual victims that range from 500 Euros (about $650) to 25,000 Euros (about $32,000), according to a report published Wednesday (PDF).

The malware attack begins when a victim clicks on a malicious link, possibly sent as part of a phishing attack. Clicking on the link directs them to a site that attempts to download one or more trojans: customized versions of Zeus and its SpyEye and CarBerp variants that allow attackers to record Web visits and then inject HTML and JavaScript into the victim's browser. The next time the victim visits their bank website, the trojans capture their credentials and launch a JavaScript that spoofs a request for a "security upgrade" from the site, offering to protect their mobile device from attack. The JavaScript captures their phone numberand their mobile operating system information'which are used in the second level of Eurograbber's attack.


Read 3 remaining paragraphs | Comments

http://feeds.feedburner.com/~ff/arst...go:V_sGLiPBpWU http://feeds.feedburner.com/~ff/arst...go:F7zBnMyn0Lo http://feeds.feedburner.com/~ff/arst...?d=qj6IDK7rITs http://feeds.feedburner.com/~ff/arst...?d=yIl2AUoC8zA
http://feeds.feedburner.com/~r/arste...~4/7ZE8qIh5Dl8

More...


All times are GMT -5. The time now is 07:31 AM.

Powered by vBulletin® Version 3.7.1
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Copyright 1998 - 2014, nV News.