M86 Security has revealed that a major UK financial institution is being targeted by web-based malware specifically designed to steal money from various accounts.
Security researchers have discovered an Eastern European command centre which is using the latest version of the Zeus Trojan to directly target customers of a major financial institute in Britain.
M86 is working with the affected institution however, the attack is ongoing and is predicted to have already taken around £675,000 from 3,000 accounts since it was first detected on 5 July this year.
The trojan works through third-party components of legitimate websites, and because the attackers regularly switch hosts, M86 have said that the malware is extremely difficult to trace and block.
Once a computer is infected, the trojan lies dormant until users connect to their online banking accounts when it becomes activated and hijacks the victims banking sessions, often undetected by anti-virus software.
Bradley Anstis, vice-president of technical strategy at M86 has said that the cybercriminals involved are using legitimate certificates obtained fraudulently to enable communications using SSL, making this attack even harder to detect and prevent.
Return to security news headlines
View Security News Archive