Two new pieces of malware have been discovered that are intentionally aiming themselves at UK banking customers.
Security company Trusteer found the malicious programs, which are said to "fly under the radar" of anti-virus software to steal online banking logins in order to commit fraud.
Silon.var2 has been found on one in every 500 computers in the UK compared to one in 20,000 in the US and Agent.DBJP was found on one in 5,000 compared to one in 60,000 across the Atlantic.
The company has also discovered two new Zeus botnets aimed at UK consumers, which have only been found on UK machines and only target UK-based banks.
"To help avoid detection and maximise return on their effort, the clever criminals are using UK centric spam lists and compromised websites based in the UK to spread the malware that targets bank customers," said Trusteer.
The company is predicting significant further losses in 2011 from these types of regional malware.
"This indicates a shift in financial criminal activity and requires some special attention from financial organisations," said Mickey Boodaei, chief executive (CEO) of Trusteer.
"Unlike known malware kits such as Zeus, Torpig, and Ambler which simultaneously target hundreds of banks and enterprises around the world and are on the radar of all security vendors, regional financial malware such as Silon.var2 and Agent.DBJP are highly targeted."
He explained the fraud technique further, saying: "In the UK, each campaign would usually focus on three to seven banks and target them for a period of six to nine months. It then morphs and changes the list of targets, using a new more advanced version of the malware."
But the UK is not the only country suffering from this targeted type of threat, with both Germany and South Africa facing similar problems.
Trusteer claimed the best way to tackle the problem was for regional banks to work together and share information in an attempt to identify and deal with future attacks.
-
Bigger salaries, more burnout: Is the CISO role in crisis?In-depth CISOs are more stressed than ever before – but why is this and what can be done?
-
Cheap cyber crime kits can be bought on the dark web for less than $25News Research from NordVPN shows phishing kits are now widely available on the dark web and via messaging apps like Telegram, and are often selling for less than $25.
-
Seized database helps Europol snare botnet customers in ‘Operation Endgame’ follow-up stingNews Europol has detained several people believed to be involved in a botnet operation as part of a follow-up to a major takedown last year.
-
Horabot campaign targeted businesses for more than two years before finally being discoveredNews The newly-discovered Horabot botnet has attacked companies in the accounting, investment, and construction sectors in particular
-
Brand-new Emotet campaign socially engineers its way from detectionNews This latest resurgence follows a three-month hiatus and tricks users into re-enabling dangerous VBA macros
-
Microsoft says “it’s just too difficult” to effectively disrupt ransomwareNews The company details its new approach to combatting cyber crime as the underground industry drains $6 trillion from the global economy
-
Beating the bad bots: Six ways to identify and block spam trafficIn-depth Not all traffic is good. Learn how to prevent bad bots from overrunning your website
-
Ukraine's vigilante IT army now has a DDoS bot to automate attacks against RussiaNews The 270,000-strong IT Army of Ukraine will now combine supporters' cloud infrastructure to strengthen the daily attacks against their invaders
-
Microsoft's secure VBA macro rules already being bypassed by hackersNews Recent analysis of Emotet activity has revealed a shift away from malicious Office documents to drop malware
-
Emotet infrastructure has almost doubled since resurgence was confirmed
News Researchers confirm the infrastructure has also been upgraded for a "better secured", more resilient operation
