Stealing bank accounts with Trojans

A group of hackers stole bank accounts in four countries by using highly sophisticated Trojans built specifically for the purpose of deceiving information online.

A group of hackers stole bank accounts in four countries by using highly sophisticated Trojans built specifically for the purpose of deceiving information online.

The most outstanding feature of these Trojans is the ability to mimic account holder operations performed to withdraw money. Don Jackson, a senior security researcher at SecureWorks Inc., said: ' It doesn't spread widely, but it's extremely dangerous. It took away more than $ 200,000 from the accounts we supervised, and passed all the prevention programs . '

The new Trojan is called Prg Banking, and has stolen hundreds of thousands of accounts from the largest banks in the US, Britain, Spain and India. Jackson also said he discovered at least four servers containing Prg format files and ghost versions of legitimate banks, as well as caching information gathered by Trojans.

Picture 1 of Stealing bank accounts with Trojans
The bank account is the main goal of the Prg Trojan. The attackers are truly smart and amazingly skilled. ' You will not be able to tell which transactions are carried out by Trojans and the beginning of transactions made by humans ,' Jackson said. According to Jackson, these hackers have exploited the data gathered in advance by a weaker version of the Trojan horse to locate bank accounts, including the specific URL of the bank or instructions of the transaction. They target bank accounts because these accounts have a large balance and are often integrated with the ability to conduct online transactions. Once they get into their accounts, hackers can quickly get their money by moving into their controlled accounts.

After selecting the victim, the hackers will use a form of persuasion to get the information online very convincingly and send them to the account owner has been determined based on the data stolen earlier. ' They usually include the account number, the owner's first and last name, as well as other account security details. Hackers will ask users to "download" a new password, but the link will lead to a hacker-generated page, and the Trojan Prg will be downloaded automatically. With the ability to mimic keystrokes, the Trojan transfers the amount of stolen accounts to another account . "

' This is a really smart part of the Trojan, ' Jackson commented. ' The way it loads JavaScript from the command-and-control server is like a human. The less sophisticated trojans usually go straight to the transfer page, rather than going through pages that a person will actually have to visit before reaching the transfer page, as Prg can. Because most anti-fraud programs only work with automated behaviors, they become useless before Prg . '

' Until now, nearly 20 banks have been attacked, but these are big banks in the US, UK, Spain and Italy .' Jackson also praised the talent of the criminals.

The best way to protect yourself from the Trojan Prg, Jackson concludes, is to be wary of any email from the bank: ' Even if you know the sender, you should make sure the person sends the previous letter. when click on any link. '

K.Hoa

Update 13 December 2018
« PREV
NEXT »
Category

Technology

Life

Discover science

Medicine - Health

Event

Entertainment