UK IT Industry Awards

Where am I? >
Home >
News >
Security > Hacking

Highly infectious malware targets banks

By Stuart Sumner

Follow Stuart on Twitter

12 May 2011

Be the first to comment

A new Trojan that is able to extract private financial information including credit card details from infected users has been identified.

The malware, known as the Sunspot Trojan, targets Windows machines and is able to carry out man-in-the-middle attacks, where information is captured in transit between the user and the bank.

Further reading

It can also execute web injections, page-grabbing and key-logging attacks.

Trusteer CTO Amit Klein warned that most anti-virus products are currently unable to detect the malware.

"The detection rate for Sunspot by leading antivirus programs is painfully low. According to a Virus Total analysis, only nine of 42 antivirus programs tested currently detect Sunspot."

Sunspot has already been responsible for financial losses in the US.

"It is currently targeting North American financial institutions and has already achieved SpyEye and Zeus-like infection rates in some regions. There are confirmed fraud losses associated with Sunspot, so the threat is real."

Unusually, Sunspot was not originally developed as a malware platform.

"We could be witnessing a sea change in malware development where general purpose and little known malware platforms are re-programmed to carry out financial fraud. This will make it even more difficult to defend against attacks since banks will be ambushed by a growing number of unique financial malware platforms."

Reader comments

Add your comment

Have your say on this article

Your name
Email address
Comment title
Your comment

All fields required. Your email address will not be displayed on the site.

By submitting a comment you agree to abide by our Terms & Conditions

Submit

Newsletters

Sign up for our FREE newsletters

Large companies such as Microsoft, Facebook and Google have been hoovering up technology patents recently. Is this stifling innovation?

Yes! These firms are spending billions on the rights to sue one another, rather than focusing on creating new products.

87 %

No! The knowledge that firms are stringently searching for any IP infringement means that new products must be genuinely innovative, and borrow nothing from previous designs if they are to remain in stores and out of the courtroom.

5 %

It doesn't matter! The only useful thing left to be invented is time travel, so I can go back to a time when I had more hair.

8 %

Influence - Consumerisation

Enterprise use of mobile mashups

Case studies & reports

Cloud computing insights from 110 implementation projects

Case studies from large organisations across all sectors

The lesson of 2012: prepare now for increased data volumes

... And rich media, and flexible working, and peaks in traffic ...

More case studies and reports

Upcoming Events

Gain better control of your data with enterprise database consolidation

Join us for this Computing web seminar, in which the Head of BI at the Co-operative Group Nick Colebourn will be explaining just how he reigned in the Group’s sprawling database estate and how significant savings were realised and data quality improved as a result.

Date: 31 May 2012

Time: 11:00 AM

Top 10 causes of IT disasters – and how to deal with them

Concept image of data backup with life preserving floating on background of binary data

Live June 13th 11:00am: Register now. During this web seminar we will be looking at the sorts of incidents that can bring data centres grinding to a halt and what can be done about them.

Date: 13 Jun 2012

Time: 11:00 am

More events

Job of the week

More IT Jobs

IT job alerts

Receive the latest jobs direct to your inbox

IT job finder

IT salary checker

Are you being paid what you are worth?

Check Salary

© Incisive Media Investments Limited 2012, Published by Incisive Financial Publishing Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, are companies registered in England and Wales with company registration numbers 04252091 & 04252093

Highly infectious malware targets banks

EMC World 2011: Security needs a new model for virtual world

Baroness Neville-Jones resigns as security minister

Security holes found in Oracle's ERP applications

Sign up for our FREE newsletters

Kaspersky Lab backtracks on statement, clarifies relationship with Apple

Nine out of 10 custom-built web applications vulnerable to attack

SOCA website brought down by cyber criminals (UPDATED)

Does virtualisation cause data centre bottlenecks?

Cloud security, how to balance the risk

Staff recruitment and retention - Andy Dancer, CTO EMEA, Trend Micro

Security firm finds new attack targeting online banking customers

Malware authors get social to improve cyber attacks

Stolen Facebook and Twitter log-ins on sale for $30 each

Fraudsters fuse Zeus and Ramnit to fleece financial institutions

Malware infects Virgin Media customers

SENIOR ANALYST, MODEL REVIEW - LONDON - UP TO £40,000

Senior Java Applications Developer

Systems Analyst / Software Developer – ASP.NET / VB.NET

Large companies such as Microsoft, Facebook and Google have been hoovering up technology patents recently. Is this stifling innovation?

Flame virus: son of Stuxnet uncovered in Middle East

Retailer slams ICO over "embarrassing banality" of revised cookie law guidance

Storage capacity slowdown can be buffered by virtualisation, says HDS’ Yoshida

HP: 27,000 job cuts by 2014, Mike Lynch to leave (NEW UPDATE)

RIM to shed 2,000 more staff