Malware 'suites' sold cheap onlineCyber criminals are offering low priced and customisable ‘web-injects’ for malware, which a security expert warns could wreak havoc with banks.
An evolving underworld market for malware has shifted to start offering more targeted and often bespoke updates to commonly found malware like Zeus and SpyEye.
Known as web-injects, they are generally used to create fake web pages which pop up when a victim infected with malware uses online banking or makes a transaction.
Just like any market, that of malware and web-injects is subject to changes, and Trusteer has found that, while bulk pricing has been popular in the past, web-inject software writers are producing code with specific features.
The Additional Passwords mechanism asks for more passwords from a victim, costing up to $200, while the TAN Grabber can capture one-time passwords that are sometimes used by some banks to authorise online transactions.
According to Trusteer, cyber criminals are essentially aping traditional software vendors, offering an a la carte suite of pricing options.
While the move away from bulk buying to tailor made web-injects means more cost, the customised software is also becoming more readily available - and cheaper.
This greater availability and improved ability to narrow attack areas is threatening to cause upheaval with financial defences.
According to George Tubin, Senior Security Analyst with Trusteer, many banks could find themselves at considerably greater risk than before.
“It is very concerning for a lot of banks which maybe haven’t been targeted before,” he said, speaking with TechEye. “Typically the malware will target larger institutions."
“Now you can target almost any bank you want, you could target banks that previously haven’t been target," he said. “These are often the ones that don’t have as good defences in places.”
Categories: Trojan and Viruses