SpyEye trojan hits online banking sites
A new Trojan threatens to stealthily victimize online banking customers by targeting banking transactions that use text messaging to send confirmation codes. Researchers at Trusteer said the SpyEye Trojan lets thieves change the mobile phone number in a consumer's online banking account and reroute text messages to the criminal's phone.

"This latest SpyEye configuration demonstrates that out-of-band authentication (OOBA) systems, including SMS-based solutions, are not fool-proof. Using a combination of MITB (man in the browser injection) technology and social engineering, fraudsters are not only able to bypass OOBA but also buy themselves more time since the transactions have been verified and fly under the radar of fraud detection systems," the researchers at Trusteer said.

Trusteer said the new technique allows cybercriminals to perform transactions on the consumer's account without their knowledge.

According to the researchers, the malware first steals the login information to the consumer's account, allowing a thief to access the account without alerting the bank or consumer. The malware then injects a fake page into the web browser on the victim's phone. The fake page, which resembles that of the real bank, claims a new security system is being implemented. But for the victim to qualify for this, he or she must "register" with the bank, and part of the process includes typing the original confirmation code into the spoofed webpage.

"This allows the criminals to steal the confirmation code they need to authorize changing the customer's mobile number," Trusteer said.

With the code, the fraudsters can receive all future SMS transaction verification codes for the hijacked account via their own telephone network. This allows them to use the SMS confirmation system to divert funds from the customer's account without their knowledge, while not triggering any fraud detection alarms.

"The only way to defeat this new attack once a computer has been infected with SpyEye is using endpoint security that blocks MITB techniques. Without a layered approach to security, even the most sophisticated OOBA schemes can be made irrelevant under the right circumstances," Trusteer said.

- TJD, GMA News