Wednesday, September 30, 2009

More On the URLZone Online Banking Trojan









New Trojan Evades Banks' Anti-Fraud Systems - DarkReading

New Trojan Evades Banks' Anti-Fraud Systems

'URLZone' calculates just how much money to steal from a victim's account without raising suspicion



Sep 30, 2009 | 04:08 PM



By Kelly Jackson Higgins

DarkReading



A next-generation Trojan recently discovered pilfering online bank accounts around the world kicks it up a notch by avoiding any behavior that would trigger a fraud alert and forging the victim's bank statement to cover its tracks.



The so-called URLZone Trojan doesn't just dupe users into giving up their online banking credentials (passwords) like most banking Trojans do: instead, it calls back to its command and control server to specific instructions on exactly how much to steal from the victim's bank account without raising any suspicion, to which money mule account to send it the money, and forges the victim's on-screen bank statements so the victim and the bank don't see the unauthorized transaction.



Continue Dark Reading












Reblog this post [with Zemanta]

Disqus for ePayment News