November 1, 2008

Sinowal super trojan empties half million bank accounts

by Brian Turner

It’s being referred to as a “super trojan”, described by RSA security as “one of the most advanced pieces of crimeware ever created“.

Already nearly three years old, the Sinowal trojan – aka Torpig or Mebroot – is typical in its behaviour of trying open up user computers – but with the added twist of phishing user bank accounts.

Where it differs is not only is Sinowal being constantly updated with patches to beat security filters – it is also storing up user data on everyone its infects, which means it requires major data storage facilities.

Apparently Sinowal has been successful enough to compromise 270,000 bank accounts and 240,000 credit and debit cards across the US, UK, Australia and Poland.

The main method of delivery isn’t email spam, though, but instead through hacking websites to insert the malicious code onto visitors PC’s.

Flash and Adobe hacks have been especially common, and I’ve seen these in action myself. There’s a degree of sophistication behind this which smacks of marketing, with Sinowal hackers actively using Google Trends as a vehicle for infection.

Webmasters also need to watch out as hacking of sites these days rarely leads to destruction or political messages, but instead quiet and hard to notice insertions into the web template.

Wordpress blogs have especially become a major target of attack, not least due to users failing to keep their software updated with patches.

The result is that a significant number of websites are open to be hacked, with the Sinowal trojan being quietly inserted into the HTML code.

While various discussions suggest Russian hackers, the sheer size and scale – and organisation and complexity – of the Sinowal trojan makes it something of an anomaly in the world of malware.

If there’s one thing for certain, while online software is increasingly made accessible to users who fail to keep it updated, this is a problem that can only get much worse.

Story link: Sinowal super trojan empties half million bank accounts

Add to Bookmarks:

 

 

 

• Recent Posts

  • e-commerce essential for business success
  • Solicitor warns businesses to check their lease
  • ‘Thin clients’ can benefit small businesses
  • MindMeister app available on Google Apps Marketplace
  • SMEs optimistic for the economy

• Most read today

  • Forum admins warned on new wave of spam
  • How Google destroyed $1 billion of United Airlines
  • Santy: Automated attack on phpbb forums
  • Basic install and optimisation of a vbulletin forum
  • How to combat spam on vbulletin forums