Banker Trojans on the rise; pump-and-dump schemes hit Europe

Banker Trojans on the rise; pump-and-dump schemes hit Europe

US online security services firm Panda Software says 20% of all Trojans it detected in 2006 were designed to steal financial information, and the malware is evolving into more dangerous forms.

The rapid evolution of banker Trojans is largely due to the use of additional security measures by financial institutions, such as the virtual keyboards that are used to prevent traditional keyloggers recording passwords.

But Panda says fraudsters are stepping up efforts to counter-act security measures. Panda says last year it detected Banbra.DCY, a banker Trojan designed to take video shots in order to see exactly which characters customers enter on a virtual keyboard.

Trojans are also increasingly used for pharming, which involves tampering with the the domain name system used to direct users to spoof bankingWeb pages designed to capture the data entered.

"Banker Trojans are currently one of the greatest threats on the Internet and attacks using this type of malicious code can have devastating effects on users' finances," says Luis Corrons, technical director of PandaLabs. "These Trojans are created specifically so they can be installed and operate without attracting attention."

Earlier this week IT security firm Sophos warned European investors of a pump-and-dump stock spam campaign designed to manipulate the share price of a company listed on the German stock exchange.

The spam e-mail encouraged German investors to buy shares in US-based energy company Stonebridge Resources Exploration, which is listed on the Frankfurt Stock Exchange. Since spotting the e-mail, Sophos says it has monitored activity in trading on the stock which increased significantly.

"This is the first time we have seen a widespread spam campaign trying to influence a stock market based outside of the USA. If spammers are finding this stock's price easy to manipulate it could leave German language computer users seriously out of pocket," says Graham Cluley, senior technology consultant for Sophos.

Earlier this month US prosecutors filed federal charges against three Indian nationals who allegedly hijacked online brokerage accounts in the US in order to conduct pump and dump scams.

The SEC also obtained an emergency court order freezing $3 million contained in an online trading account held by a Latvia-based bank that has allegedly been used to run a market manipulation scheme.

Furthermore, the regulator has suspended trading in 35 over-the-counter penny stocks that have been the subject of repeated spam e-mail campaigns.

Comments: (0)