The rise of money stealing trojans
Trojans are everywhere. You receive them by e-mail, download from popular file sharing networks, install by clicking on malicious links in instant messages or by surfing to fake security-related web sites. Modern trojans are the most widely spread parasites. They are used to drop other malware, log user keystrokes, provide unauthorized remote access to the compromised computer and do much more. Surprisingly, some computer users got used to trojans and do not even try to completely get rid of them. One might say, “Why should I have to spend hours eliminating threats, if my system will end up infected after a few days?” However, this point of view is totally wrong, especially, when new type of trojans is on the rise. Those are money stealing trojans.
New trojans are very similar to “regular” password stealing parasites. They usually arrive attached to bogus e-mails. You can also install them by clicking on harmless looking links in instant messages or fake greeting cards. However, their payload is rather different. New threats do not attempt to steal local passwords or system information. Instead, they lurk in background waiting for you to visit a banking site and log on to your account. Then money stealing trojans just transfer your money out. Logging on to check your balance may result in a loss of all your savings!
Unfortunately, neither of authentication technologies used by bank sites can prevent the thefts. The makers of new trojans do not need your account details. They do not have to steal any passwords from you and try to log on later. They receive your money without making any efforts.
Although money stealing trojans are quite rare today, as they work with only a few online banking sites, it is only the matter of time when new banks will be added. Let’s hope anti-spyware and antivirus vendors around the globe will react in time. We cannot let thieves to cause an epidemic.