The Green Sheet Online Edition
August 27, 2012 • Issue 12:08:02
ThreatMetrix warns of new malware
Sophisticated new malware programs are not only difficult to detect, track and contain, but they also have highly specific targets, said Andreas Baumhof, Chief Technology Officer of ThreatMetrix Inc. As a result, the reputation of electronic devices touted as "malware free" is eroding, and the threat to financial institutions (FIs) and mobile devices is growing, he warned.
An Aug. 9, 2012, report released by ThreatMetrix alerted FIs that a new FI-targeted, peer-to-peer Zeus Trojan malware called Gameover is the "largest financial botnet we've ever seen." The company estimated more than 678,000 computers are infected with Gameover, including computers in 14 of the top 20 Fortune 500 companies.
ThreatMetrix said Gameover, a program that hides in computers and tracks keystrokes, including passwords to accounts accessed online, is the work of a single cyber-crime organization. The malware is spread through fake emails purportedly from legitimate retailers.
A threat to Apple
Gameover is not the only malicious new program out there. A recent ThreatMetrix report detailed how a new criminal malware called Crisis can disrupt, disable and completely take over Apple Inc. Mac computers and lead to "extensive OS X damage and security breaches for OS X users." The malware steals address book information, uploads and downloads files, accesses full file systems, and snoops on webcams, with little chance of being detected.
Baumhof said Crisis is so well hidden and hard to reverse engineer that it represents "a whole new level of sophistication" in malware programming. "Apple has always been known for its virus immunity, but as technology develops very quickly, cyber crime matches the pace," he said. "This is a big jump from what has been seen in the past, and it should make users think twice about protecting themselves against malware on their OS X devices.
"Now that the Apple iOS is much more used, we've seen more and more malware directed at that operating system." Baumhof believes the Crisis malware may have been developed for another purpose before a cyber gang adapted the program to steal data.
Mobile new criminal target
Baumhof said mobile devices are also under attack from cyber criminals. He noted Apple recently removed an app from the App Store after discovering it contained malicious code. At a recent hackers convention, a demonstration showed how to access files on a smart phone by hacking into the near field communication element.
Baumhof said the security software commonly used to protect mobile devices is often unsuccessful against these new forms of malware. "This is a different platform with mobile devices, so the infection vector is different," he said. "The infection can come through common uses like social media. If I get a message, how do I know the link comes from a person who is really a friend? There's no way to find out."
Baumhof recommends that payment professionals pay close attention to what programs and files are being downloaded to computers because criminals are releasing applications that appear legitimate and work as promised, but still contain well-hidden malicious code. "Only click on links you can authenticate," Baumhof advised.