Banks and other financial institutions have been warned about the growing threat of more advanced and sophisticated financial malware pieces.
Attackers have the new malware, and new techniques , such as the management of the Trojans through blogs , according to a report from NSS Labs , which analyzes the evolution of financial malware threats during the third and fourth quarters of last year.
edge
The report notes that there has been a lot of innovation in the financial malware in recent years , with the emergence of new suites of malware, including Hesperbot and Beta Bot .
malware security - Shutterstock: © Marcio Jose Bastos SilvaThis has joined the arrival of new techniques, such as command and control ( C2) replacing servers with blogs. According to NSS Labs , cybercriminals have "changed blog sites using Yahoo! to communicate with botnet malware as Taidoor Using benign looking blog pages - . Instead of traditional 'command and control ' ( C2) servers - makes it difficult for victims to discover the presence of Taidoor networks . "
According to vice president of research Dr. Ken Baylor , financial malware is on the forefront of technology botnets and financial crime . He said that the threat of malware are updated using SSL to encrypt their communications with C2 servers to better hide the type of data being stolen , and receive new instructions .
He warned that there is a growing pattern of new financial malware Trojans appearing first in Europe and then spreads outwards from U.S. banks and account holders . For example in September last Hesperbot Trojan was first discovered by researchers at ESET , and I was using a domain that aims to belong to the Czech Postal Service .
"The trend continues Trojans emerging through specific campaigns in Europe and then spread throughout Europe before coming to the U.S. banks ," wrote Dr. Baylor in the report.
best countermeasures
And Dr. Baylor believes that banks need to improve their internal security measures to address the changing threat landscape .
Specifically , it is believed that banks need to better invest in more advanced engines to better identify fraud risk potentially fraudulent transactions , as banks now have a multi-layered approach to combat fraud account.
" The rapid development of new platforms for malware, as Hesperbot requires banks to have in-depth security rather than relying on traditional patterns of attack," the report warned . "Recent Bots are using Secure Sockets Layer ( SSL) to communicate with their C2 servers. "
Another problem has also come filtration Carberp source code, which " will likely lead to new generations of malware Carberp . " Trusteer discovered in June that the source code on underground forums of up to $ 50,000 ( £ 30.446 ) is offered .
Banks should also conduct periodic risk assessments to ensure that keeping ahead of these evolving risks , said NSS Labs to not only comply with the rules of compliance, but to "avoid catastrophic losses in an innovative environment banking malware. "
Dr Baylor noted that financial institutions should " invest in modern engines antifraud risk for abnormalities user-level historical transactions between customers and current transactions under consideration. "
Attackers have the new malware, and new techniques , such as the management of the Trojans through blogs , according to a report from NSS Labs , which analyzes the evolution of financial malware threats during the third and fourth quarters of last year.
edge
The report notes that there has been a lot of innovation in the financial malware in recent years , with the emergence of new suites of malware, including Hesperbot and Beta Bot .
malware security - Shutterstock: © Marcio Jose Bastos SilvaThis has joined the arrival of new techniques, such as command and control ( C2) replacing servers with blogs. According to NSS Labs , cybercriminals have "changed blog sites using Yahoo! to communicate with botnet malware as Taidoor Using benign looking blog pages - . Instead of traditional 'command and control ' ( C2) servers - makes it difficult for victims to discover the presence of Taidoor networks . "
According to vice president of research Dr. Ken Baylor , financial malware is on the forefront of technology botnets and financial crime . He said that the threat of malware are updated using SSL to encrypt their communications with C2 servers to better hide the type of data being stolen , and receive new instructions .
He warned that there is a growing pattern of new financial malware Trojans appearing first in Europe and then spreads outwards from U.S. banks and account holders . For example in September last Hesperbot Trojan was first discovered by researchers at ESET , and I was using a domain that aims to belong to the Czech Postal Service .
"The trend continues Trojans emerging through specific campaigns in Europe and then spread throughout Europe before coming to the U.S. banks ," wrote Dr. Baylor in the report.
best countermeasures
And Dr. Baylor believes that banks need to improve their internal security measures to address the changing threat landscape .
Specifically , it is believed that banks need to better invest in more advanced engines to better identify fraud risk potentially fraudulent transactions , as banks now have a multi-layered approach to combat fraud account.
" The rapid development of new platforms for malware, as Hesperbot requires banks to have in-depth security rather than relying on traditional patterns of attack," the report warned . "Recent Bots are using Secure Sockets Layer ( SSL) to communicate with their C2 servers. "
Another problem has also come filtration Carberp source code, which " will likely lead to new generations of malware Carberp . " Trusteer discovered in June that the source code on underground forums of up to $ 50,000 ( £ 30.446 ) is offered .
Banks should also conduct periodic risk assessments to ensure that keeping ahead of these evolving risks , said NSS Labs to not only comply with the rules of compliance, but to "avoid catastrophic losses in an innovative environment banking malware. "
Dr Baylor noted that financial institutions should " invest in modern engines antifraud risk for abnormalities user-level historical transactions between customers and current transactions under consideration. "
ليست هناك تعليقات:
إرسال تعليق