Risk: Medium
Security experts say they've discovered a Trojan horse that records eBanking user details and web surfing habits.M
Antivirus company Sophos is warning that the Banker-AJ Trojan is targeting online customers of British banks such as Abbey, Barclays, Egg, HSBC, Lloyds TSB, Nationwide and NatWest. The Trojan affects computers running Microsoft Windows.
The company said that once installed, the Trojan waits for users to visit their online banking Web sites, then captures passwords and takes screenshots of the session. The information is relayed to the hackers behind the ploy, who use the data to steal money.
This kind of Trojan is the next step in a possible long evolution of phishing attacks. These attacks now relay people to real, legitimate sites. Once the Trojan determines that you've gone there, it starts taking keystroke logs and snap shots of machines and sends it back to the hackers.
Phishing scammers typically set up bogus web sites to capture victims' personal information. They send emails that appear to come from trusted companies to lure people to the fake sites, where victims are asked to enter information such as credit card data. Attacks frequently target bank customers, but eBay and Amazon.com have also been recent targets. Barclays Bank said it had seen the technique of using legitimate sites before. A representative for the company said, "This type of Trojan is something (we) have been aware of for some time. We are working with (the) industry to identify the next steps to help combat fraud and are interested in educating customers."
Sophos also said it had seen a similar Trojan, Tofger, a few months ago, but the technique had mainly been used in Brazil.