Norwegian Security Firm Identifies New ‘Trojan Malware’
Norman, an Oslo, Norway based cyber security company, which serves both government and enterprise networks, as well as consumer desktops, announced that its researchers “have identified an emerging trojan malware variant of SpyEye that targets specific online banking applications.”
Norman’s bulletin explained that “SpyEye is a malware toolkit that has become increasingly popular over the past few months and is similar to the widely-used Zeus malware that has caused hundreds of thousands of costly infections globally.
“These malware tools cause attacks called ‘man-in-browser’ because, like trojans, they infect web browsers and modify pages and transactions to steal valuable personal secrets such as Social Security numbers, banking logins and passwords, credit card data – even complete identity profiles stolen from autofill applications.”
A consumer or enterprise user may pick up the malware while innocently browsing thousands of infected popular web sites. SpyEye waits for the user to access on online banking account before activating.
Norman’s director of Malware Detection,Einar Oftedal, explained that while “working in early February with several banks in Norway, identified a specific variant of SpyEye that criminals have recently developed. This variant has also targeted other banks in Europe and Asia. It could easily be modified to work against any bank in any country. Online banking users in Europe and North America should be very vigilant to guard against this online risk.”
The bulletin added that this “particular variant of SpyEye targets only the initial login field on a bank’s legitimate web page, capturing login and password information and rapidly and illegally transferring money until the application times out in about 20 seconds. All Norman antimalware solutions for consumers, the enterprise and government users have detection for this trojan and any attempt at infection will be blocked.”
Norman has created a free specialized malware cleaner that can be downloaded to repair infected software.
The company has a long history in the cyber protection field. It was founded in Norway in 1984, and has become “a leader and pioneer in proactive content security solutions and forensics malware tools. Norman’s proactive antimalware solutions, including malware analysis tools, network security and endpoint protection, are powered by patented Norman SandBox® technology and used by security solutions providers around the world.”
Source: Norman