New Trojan that covertly steals your money

New Trojan that covertly steals your money

code

A new Trojan virus is sweeping the online world, and this one is more sophisticated than ever… .

Experts are warning that the discovery of the The URLZone Trojan signifies the advent of the next generation of bank Trojans. So sophisticated, the URLZone can steal money from your bank account and then control your online banking account so that you are unaware that your money has gone.

It does this by re-writing HTML from the bank website so that the victim can’t see the transfer in the account statement. This most significant benefit of this new means of theft is that it gives the cybercriminals a much larger time window with which to move the money to other accounts. It also means that your dwindling bank account can be milked dry over time, which keeps the transaction below the bank’s anti-fraud radar devices.

The next time you log into your online banking account, the virus changes the statement you see, thus concealing the stolen funds and giving an impression of normality. However, if you were to log onto your account from another computer, an uninfected computer, then the real story would be revealed.

The Trojan has a success rate of around 7.5%, which equates to roughly 1 in 15 people who are infected. As with most similar scams, the unsuspecting user is infected when they visit a website that is riddled with malware.

Upon infection, the log in details to your online banking account are noted and sent to a Command and Control server in Ukraine. This in turn informs the virus how much money to steal and where to send it.

After it infected about 6,400 computer users last month, the Trojan was clearing about €12,000 (US$1,750) per day. That puts it on track to rake in as much as €7.3 million annually.

What is becoming clearer is how hackers transfer stolen money around without detection. What are known as ‘money mules’ are used for this purpose. The ubiquitous adverts that you might see on websites like Facebook which offer work-from-home schemes are often fronts for money laundering. The unsuspecting mule recruited to work at home, has his/her legitimate bank account used to transfer money from a victim’s account to an offshore account.

The key to avoiding infection is the best security for your computer. If you make it difficult for a cybercriminal to access your computer, then chances are they will move elsewhere.

__________

Image Credit: Darcy McCarty

Comments are closed.