
Malwares Threaten to Empty Your Bank Accounts

Digital banking (also known as Internet banking or online banking) has seen rapid advancement over the past few years, with 14.6 million subscribers in Malaysia. It is expected to expand even further over the next few years, driven by the strong usage of smartphones and tablets and by the Internet being part and parcel of our daily lives.

Most online banking users are probably aware of the many risks that come with performing financial transactions digitally, and of the potential dangers if their credentials fall into the wrong hands. Kaspersky Lab's Q3 report shows there were over 626,000 attempts to launch malware capable of stealing money through access to users' online banking, and 5.68 million notifications about attempted malware infections to steal money from users via online access to bank accounts. In fact, Malaysia is one of the top 10 countries in the world hit the hardest by online banking malware. This is because many Malaysians have adopted Internet banking, with Malaysia's Internet banking penetration rate at approximately half of the country's population.

Recently, malware has been affecting online banking in Malaysia, and many notices have been issued to educate and remind customers about this malicious software, as well as about the steps for banking online safely. Banks such as Maybank with Maybank2u, CIMB with CIMB Clicks, and OCBC have each posted security advisories asking customers to stay vigilant about the dangers this malware poses to their financial transactions.

 

What is malware?

[Image: stealing bank details. Source: Tech Week Europe]

Malware is short for malicious software: software designed specifically to gain access to or damage a computer without the knowledge of the owner. It is an umbrella term used to describe a variety of forms of hostile or intrusive software, including computer viruses, worms, Trojan horses, ransomware, spyware, adware, scareware, and other malicious programs. Malware can be in the form of executable code, scripts, active content, and other software.

Common types of malware include spyware, whose main purpose is to steal sensitive information; adware, designed for forced advertising; and keyloggers, a type of surveillance software that can record every keystroke you make. Another very common case is the zombie computer: the malware lets a hacker take over the computer without the knowledge of the owner, and it begins sending out massive amounts of spam or attacking web pages. Ransomware is a type of malware that forces its victim to pay a ransom through online payment methods in order to regain access to their system.

 

Various types of malware

  • Zeus (aka. Zbot)

Zeus is among the most dangerous malware that can affect a user. It was especially popular in 2006 as the tool of choice for hackers stealing online banking credentials by man-in-the-browser keystroke logging and form grabbing. There are several variants in the Zeus family, such as Zeus Gameover (P2P), SpyEye, Ice IX, Citadel, Carberp, Bugat, Shylock and Torpig. In general, Zeus is a type of Trojan available on the black market that allows hackers to design and customise their Trojan-building toolkit. Dell claims that this program, aimed at stealing private data, costs around $3000-$4000 in the criminal underground. Infection spreads in many different ways, including email attachments and malicious Web links, but due to the adaptable nature of Zeus, it is often missed by anti-virus software.

 

  • Dyre

Dyre is a malware variant that has lately seen renewed attacks on banks, owing to a mutation of the Trojan that is even capable of killing the victim's security software. As outlined in CIMB's security notice advising customers to exercise caution, Dyre spreads when users open malicious attachments from phishing emails. When such an infected attachment is opened, the malware is installed on the victim's computer and acts as a man-in-the-browser to steal online banking credentials. Dyre is able to inject new screens into an online banking session to trick victims into providing their banking credentials (for example, User ID, Password or One Time Password (OTP)).

[Image. Source: DevCentral]
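
Screen injection of the kind described for Dyre can be caught by comparing the form fields actually rendered in the browser with the fields the bank expects on that page. The following is an added example, not code from this article or from any bank; the paths, field names and HTML samples are constructed, and a real deployment would walk the live DOM rather than scan an HTML string.

```javascript
// Added example: detect form fields injected into a banking page (all data constructed).
const EXPECTED_FIELDS = {
  "/login": ["csrfToken", "userId", "password"],
  "/transfer/confirm": ["csrfToken", "otp"],
};

// Collect the name of every <input>, <select> and <textarea> in the markup.
// Simplification: a regex scan over an HTML string stands in for walking the live DOM.
function extractFieldNames(html) {
  const names = new Set();
  const tagRe = /<(?:input|select|textarea)\b([^>]*)>/gi;
  let m;
  while ((m = tagRe.exec(html)) !== null) {
    const attr = /(?:^|\s)name\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+))/i.exec(m[1]);
    const name = attr ? attr[1] || attr[2] || attr[3] : "";
    // Unnamed fields can still be read by injected script, so report them too.
    names.add(name || "(unnamed)");
  }
  return names;
}

// Compare what the browser rendered with what the bank serves on that path.
function auditRenderedPage(path, renderedHtml) {
  const expected = EXPECTED_FIELDS[path];
  if (!expected) return { path, verdict: "unknown-page", unexpected: [], missing: [] };
  const found = extractFieldNames(renderedHtml);
  const unexpected = [...found].filter((n) => !expected.includes(n)).sort();
  const missing = expected.filter((n) => !found.has(n));
  const verdict = unexpected.length ? "suspicious" : missing.length ? "incomplete" : "clean";
  return { path, verdict, unexpected, missing };
}

// Constructed sample: the login form as the bank serves it.
const SERVED_LOGIN = `
<form action="/login" method="post">
  <input type="hidden" name="csrfToken" value="constructed-token">
  <input type="text" name="userId">
  <input type="password" name="password">
</form>`;
// Constructed sample: the same form after an extra OTP and PIN prompt was injected.
const TAMPERED_LOGIN = SERVED_LOGIN.replace(
  "</form>",
  `  <input type='text' name='otp' placeholder='One Time Password'>
  <input type="password" name=cardPin>
</form>`
);

console.log(auditRenderedPage("/login", SERVED_LOGIN));
console.log(auditRenderedPage("/login", TAMPERED_LOGIN));
```

A login page that suddenly asks for an OTP or card PIN is reported as `suspicious`, which is the signal a bank's client-side integrity script or a fraud team would alert on.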

 

  • Heartbleed

The Heartbleed bug was discovered in OpenSSL, open source software that protects sensitive data online. The bug affects sites that use HTTPS in their URL and allows sensitive information to be extracted from affected servers of online services. This weakness allows the theft of information that is, under normal conditions, protected by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications.

 

  • CryptoLocker

One of the most well-known ransomware families, CryptoLocker encrypts system files and demands a ransom for the decryption key. After encrypting the victim's data, it displays a message stating that the victim's private information can be decrypted for a sum of money within a limited period of time. Although victims can remove CryptoLocker with some security solutions, there is little way for them to decrypt the locked files, which means they lose the files without any chance of recovering them.

 

The role of VPNs in online banking

Although anti-malware programs may scan incoming Internet traffic and warn against clicking malicious links, they do not encrypt your Internet connection, so any data can still be read in plain text when using an unsecured public connection. Hence, if you access online banking from a public Wi-Fi location, a Virtual Private Network (VPN) is a great tool for securing your online and digital banking because of its encryption. A VPN secures your connection by encrypting your data, making it unreadable to unauthorized third parties. Surfing through a VPN server also helps conceal your location and prevent tracking by giving you a new IP address, which helps prevent exposure of your sensitive financial transactions on public hotspots and safeguards any data exchange.

However, note that a VPN forms only one part of a protection system for your Internet or online banking transactions, as even a VPN may not be able to fully protect you against the dangerous and ever-evolving malware out there. To provide better protection and mitigate the risk from malware, it is essential to use a VPN to encrypt your connection on top of anti-malware programs that perform regular scans for malware.

[Image: online bank robbery. Source: Peter C. Vey]

 

