Beware: Trend Micro Warns Of New Malware Threat To Bank Security
Trend Micro Incorporated, the global cloud security leader, recently released a threat report that identifies an Automatic Transfer System (ATS) which allows cybercriminals to breach new bank security measures and clean out a victim's bank accounts without leaving signs of criminal activity.
The report, written by Trend Micro's Senior Threat Researcher, Loucif Kharouni, discusses how the ATS tool is used in conjunction with SpyEye and ZeuS malware variants to create a "Man in the Browser" (mitB) attack. The attack does not require the criminal to be online during the victim's session and will automatically conduct a wire transfer using the victim's credentials, without alerting them.
Entitled "Automatic Transfer System, a New Cybercrime Tool" the report documents attacks that have been directed toward banks which are using enhanced security measures, such as those that impose daily account transfer limits and use two-factor authentication through SMS notifications. Banks in Germany, the United Kingdom and Italy have been targeted the most for these attacks.
"The attacks are of particular concern because they circumvent traditional and even enhanced online banking security measures" said Tom Kellermann, VP Cybersecurity, of Trend Micro. "Due to seemingly imperceptible way that this ATS tool modifies records, endpoint solutions must be used to prevent infections from starting or detect the threat after it has already affected a machine. Users should also update their endpoints security systems frequently to ensure they afford themselves the best chance to prevent these attacks."
The ATS tool only currently affects bank accounts where a PC running Windows is used to access bank records. Unlike previous cybercrime tools that interact with SpyEye and ZeuS, the ATS tool does not prompt pop-up displays and will automatically perform several tasks such as checking account balances, conducting wire transfers and modifying account transactions to hide traces of the tool's presence. No banks in the United States have reported to be affected yet, but previous threats that have been linked with SpyEye and ZeuS create the possibility that the tool can be re-purposed to attack banks in the United States.
Feel free to share this article report to your banks, to all your family, and to your friends as a safety measure and as a means of public service. Be safe everyone!