DE RU CN DE EN ES FR JP PL UA

News & Events | Sonderangebote | Lizenzierung | Zentrum zur Bekämpfung von Cyber-Kriminalität | Unternehmen

Who makes and distributes banking Trojans?

The naive notion that solitary villains are single-handedly crafting and distributing viruses on the Internet could not be further from the truth. Isolated groups of malefactors, each specializing in its own field of cybercrime, are operating on the underground market. There are virus writers who write and modify malicious code. Trojan sales ads often appear on underground forums. Depending on a product’s complexity, its price can range from several thousand to tens of thousands of dollars. There are encryption experts—each malicious file is encrypted with a special algorithm to complicate its detection by anti-virus software. Sometimes several "layers" of encryption are applied to malignant files. By the time Trojans achieve broad distribution, their definitions have been added to virus databases and anti-virus software has "learned" to recognize their threat. At this point, Trojans require re-encryption, which is why the services of cryptologists are always in demand. And, of course, there are malware distributors who sell services to deliver malware onto target machines. For this purpose, they exploit software vulnerabilities, and use social engineering. Moreover, most distributors typically have their own networks of downloader Trojans that have already been installed on target computers. Trojans like these are designed to download and run other malicious applications on infected machines. For example, Trojan.Carberp spreads, using the Black Hole Exploit Kit which exploits browsers and operating system vulnerabilities and undocumented features. When Black Hole is involved, users need not take any action to let the Trojan into their computer systems. It happens automatically when they are browsing infected websites.

According to our estimates, virus writers have caused significant damage to individuals and financial institutions:

  • Trojan.Carberp — over 50 million euros
  • Trojan.PWS.Panda — over 36 million euros
  • Trojan.PWS.SpySweep — over 3 million euros

What systems are at risk of infection?

  • Remote banking systems accessed via a browser;
  • Remote banking systems accessed by means of Java applets;
  • Remote banking systems accessed by means of desktop applications.

Booklet "The blind do not fear snakes"

The main objective of Internet swindlers is to steal money. In the pursuit of their goal, they are constantly developing new versions of banking Trojans.

Read this booklet yourself and recommend it to your company’s CEO and CFO. After all, protecting a company’s finances against cyber theft may guarantee the success of the organization and its employees.

Go on social networks to tell your friends about this booklet and encourage them to read it!