Financial threats

We have been investigating the source of the recent outbreak of the cyber-blackmail virus GpCode, which is on the loose in the Russian Internet.

New Sinowal variant claims to be from Microsoft. Sinowal is a family of password stealing Trojans which steals usernames/passwords entered via forms in an internet browser.

Yesterday I received a sample which seemed quite interesting. Turns out that the specimen was a bank Trojan which specifically targets (among others) a Dutch bank.

Over the last couple of days there’s been quite a lot of talk about a Trojan + rootkit called Hearse. We detect this malware as Trojan-Spy.Win32.Goldun.im.

Kaspersky Lab analysts have traced the source of Krotten (see yesterday’s blog by Yury Mashevsky for more information).

The program was spreading disguised as a program which would generate codes to top up mobile phones. It was placed on a site located in Russia which was hosted free of charge….

We’re starting to see a growth in the number of malicious programs which are being used to get money out of users – a type of cyber extortion.

To coincide with the release of the annual mid-year card fraud figures, APACS (the UK payments association) is launching a fraud awareness campaign using its Card Watch and Bank Safe Online initiatives.

The latest variants of Bagle that we’ve detected over the past five days show that the virus writer behind this worm is shifting focus to on-line banks and payment systems.

Police in Italy have arrested almost 40 people so far in conjunction with credit card fraud.

Recently we’ve noticed several versions of one malicious program spreading. The program encrypts users files.