-
The latest reason for banks to provide security for their mobile banking users: mobile malware attacks have increased more than six-fold in the past year, according to a recent survey from Juniper Networks.
June 26 -
An RSA cybercrime expert walks us through a typical online/mobile banking attack with a new twist: an SMS forwarder that steals authentication codes.
June 10
Banks can expect an explosion of new Trojan malware variants this year that could lead to fraud and theft against their online and mobile banking customers' accounts.
The source code behind a crimeware kit called Carberp has been
The Carberp banking malware, which can steal personal information, has the ability to modify a hard drive so as not to be detected by antivirus software, according to
Indeed, the leak could equal that of a similar event two years ago, when Zeus source code was exposed on the net. At that time, 10 new variant strains of malicious software were created in short order, says Ken Baylor, a research vice president at information security research and advisory company NSS Labs.
"Some of them, like Ice IX, were devastating, but when we focused on them, the anti-malware community found a way of defeating them," he says. "This leak will bring at least three times as many variants, much research by talented but underfunded wannabe criminals, and much more havoc. The availability of prepaid debit cards eliminates the need for money mules, so they can 'get into the business' of crime much more easily."
He warns that banks need to be ready, especially since the same files that leaked the Carberp Trojan also contained another type of malware called Citadel, which is based on Zeus but much more devastating.
"Citadel has caused millions of dollars in losses, and was created from leaked Zeus source code," Baylor says. "I expect to see a major uptick in modified crimeware over the next few months."