The 'money thief' virus was actually first found a few years ago, but these malicious programs are becoming steadily more sophisticated, and it is feared they could lead to huge losses. Countermeasures for some of these viruses have been found, but cyber criminals have not run out of ideas: they often modify the malware with the latest techniques so that it gets past the various protection systems.
According to JD Sherry, Director of Global Technology and Solutions at Trend Micro, at least 6 internet banking viruses are quite dangerous to date, and all of them can still cause losses that are not small.
Here are the 6 'money thief' viruses that, according to Trend Micro, users should be wary of because they are very shrewd.
1. Citadel
In ancient times, a citadel served as the last defense of a kingdom, so it was usually large, sturdy, and equipped with a variety of weapons systems.
In modern times, cyber criminals have instead appropriated the name Citadel for a malicious virus designed to drain victims' accounts.
Citadel is a virus built from the source code of Zeus, another quite sophisticated virus. The difference is that Citadel was created specifically to attack internet banking.
Citadel was first found in January 2012, and the malicious program has been developed continuously since then, reaching its latest version in October 2013. The virus is thought to still be circulating freely.
2. Tinba
A virus observer named Amit Klein has written many posts about Tinba on his personal blog. It is one of the viruses attacking internet banking that users should be wary of.
Tinba emerged from the underground hacker community about 9 months ago. This malware is designed to steal money.
Originally the methods Tinba used were, one could even say, a little old school compared with similar viruses. But in January 2013 a new, more sophisticated version of Tinba was found, able to outsmart even the bank's two-way authentication system.
"When victims access their bank's pages, Tinba will display a page very similar to the bank's," writes Klein.
But when the user tries to log in to the page, they are instead shown an error page. This is where the data theft begins.
3. Eurograbber
True to its name, this virus is designed to drain money from internet banking users in Europe. By the end of 2012, at least 36 million euros ($455 billion) had been stolen by the virus.
Eurograbber was first discovered by a security firm named Check Point Software Technologies, later assisted by another Israeli organization named Versafe. They say that this malicious program is designed to attack the banking sector.
In operation, the virus attacks not only through computers but also infiltrates its targets' smartphones. Upon successful entry, it downloads several application components in order to go into action.
Eurograbber was first discovered in Italy, then spread to other parts of Europe such as Germany, the Netherlands and Spain. At least thousands of victims from 30 different banks have been infected by the virus.
4. SpyEye
Guardian Analytics and McAfee announced the discovery of a new virus called SpyEye. This malicious program is said to have been created by programmers who know well how internet banking systems work.
Just like Citadel, SpyEye is based on the source code of Zeus. The difference is that this program attacks specific targets, such as corporate transactions or users with very large savings.
SpyEye is said to be formidable because it manages to evade the various protection systems. The virus is even said to be quite ingenious, as it is difficult to detect while a transaction is taking place.
"They know how to make the transaction look as if it occurred. Clearly, these people (the authors, ed.) know more than just understanding internet banking," said David Marcus, Director of Advanced Research and Threat Intelligence at McAfee, as quoted by CRN.
5. Gozi-Prinimalka
While Eurograbber attacks banking systems in Europe, Gozi-Prinimalka was made to defeat the internet banking system in the United States.
Trend Micro managed to capture and analyze Gozi-Prinimalka; after dissection, it turns out that this sinister program has several features that are unique among similar applications.
To steal information from its victims, the virus first creates a backdoor using JavaScript exploitation. Two backdoors are created, BKDR_URSNIF.DN and BKDR_URSNIF.B, and both are connected in real time to the virus's control system.
The data stolen by this virus is not only stored on the hard drive but also held in the browser's temporary memory.
In America, this virus has troubled at least 3 banking institutions: TDBank, Firstrade, and Options Xpress. The trio then repaired their systems to fend off the attack.
6. High Roller
The last virus to spread considerable terror is High Roller. It is said to be one of the biggest attacks on the banking industry in the world.
Unlike other malicious programs that only attack clandestinely, High Roller can launch attacks indiscriminately from multiple directions.
The virus is harder to trace because it does not have a command center in physical form. The actors were smart enough to build the control system in the 'cloud', making it difficult to trace.
Essentially, High Roller is built from a combination of the Zeus and SpyEye viruses, and it also incorporates some conventional information theft techniques that are common in cyberspace.
High Roller's advanced technology makes it quite difficult to shut down, even to this day. Therefore, all banks are advised to remain vigilant.
"By using a cloud system, High Roller has new attack techniques. They are difficult to analyze and their presence is difficult to detect," said Chris Silveira, Manager of Fraud Intelligence at Guardian Analytics.