Partner Article

Bank hack software becomes dangerously sophisticated

Advances in bank hacking software mean your money can now be stolen while hackers sleep.

The reseach carried out at Trend Micro Inc, a security company based in Japan, shows that the most recent versions of SpyEye and Zeus have stolen as much as 13,000 euros at a time from a single account.

Vice President of Trend Micro, Tom Kellerman said that the attacks on financial insitutions in the United Kingdom, Germany and Italy are causing concern given that European banks tend to have more advanced technology defences than countries like the United States.

The progression in these pieces of software could dramatically increase the amount which is stolen from bank acounts not only in Europe but across the Atlantic.

SpyEye and Zeus can both be installed on computers which visit websites which have been compromised by hackers. Both programmes are currently being sold on the underground hacking market where additional modules can be added like those found recently.

Previous methods of hacking have included “web injection” which creates new entry fields when victims log on to sensitive websites. Users can often be asked for their account number, password and an ATM card number. These details are then sent to the hacker who can then sign in to the victims account and transfer money.

Although transfers are often time-consuming, the hacker has to think more about how much money can be transferred at any one time without raising suspicion meaning that multiple smaller transfers are often used.The new strains of SpyEye and Zeus can also present fake account balances to bank customers so that they will not notice the money going out of their accounts until it is too late.

Kellerman suggests that banks should conduct “out-of-band” authentication and suggests phone calls to customers from banks to confirm any online transfers made from their account.

This was posted in Bdaily's Members' News section by Francesca Dent .