Monday, 2 December 2013

Is your bank account under threat? Cybercriminals create one of the most advanced computer viruses ever - and even software won't protect you

Neverquest Trojan is a malicious program that can empty bank accounts

  • Its makers claim it can attack ‘any bank in any country’
  • The Trojan has already targeted 28 sites including Fidelity Investments
  • Neverquest can also use information in accounts to play the stock market
  • It hides on malicious sites and infects computers to steal login details

By VICTORIA WOOLLASTON

A team of Russian cybercriminals have created a computer virus so sophisticated it can steal the money from any bank account in any country.

Called the Neverquest Trojan, it lies hidden on malicious websites or infected computers and can steal the usernames and passwords for people’s online banking accounts.

Once it has access to these accounts it can empty them completely and is so advanced, security experts are warning that traditional antivirus software isn't enough to keep users protected. 

The Neverquest Trojan, created by Russian hackers, uses a variety of advanced methods to infect computers and steal usernames and passwords for online bank accounts.

The Neverquest Trojan, created by Russian hackers, uses a variety of advanced methods to infect computers and steal usernames and passwords for online bank accounts. Once a hacker has access to a bank account they can empty it and its makers claim the Trojan can attack 'any bank in any country'

HOW DOES NEVERQUEST WORK?

Neverquest sits on malicious websites and can infect computers when users click on links to these dangerous sites.

Special scripts have been created for the Internet Explorer and Firefox browsers and these give the cybercriminals remote access to the user’s computer. 

Once a computer is infected, Neverquest can record the usernames and passwords to online bank accounts.

This information is sent to hackers who can then use it to gain access to accounts.

After gaining access to a user’s account, cybercriminals make transactions and transfer money from the user to their own accounts or - to keep the trail from leading directly to them - to the accounts of other victims. 

Kaspersky Lab said protection against threats such as Neverquest requires more than ‘just standard antivirus’ and advises customers to be extra vigilant to make sure they only access official sites and don’t store passwords in cookies, or on their computers.

This is because the Trojan has been designed to contain ‘just about every possible trick’ known to hackers to avoid being caught and disabled.

 

According to security firm Kaspersky Lab, Neverquest has already made ‘several thousand attempts’ to infect computers and is targeting some of the world’s biggest banks and investment companies.

A total of 28 major websites are under threat and Fidelity Investments is the main target. 

Kaspersky Lab won't detail which other sites in particular have been affected for 'privacy reasons', but said the list includes sites in Germany, Italy, Turkey and India, as well as payment systems. 

It is believed the Trojan is focusing its attention on Fidelity’s customers because their online accounts also have information about stocks and shares.

‘This gives malicious users the chance to not only transfer cash funds to their own accounts but also to play the stock market, using the accounts and the money of Neverquest victims’, said Kaspersky Lab.

Neverquest sits on malicious websites and can infect computers when users click on links to these dangerous sites. 

Special scripts have been created for the Internet Explorer and Firefox browsers and these give the cybercriminals remote access to the user’s computer. 

Once a computer is infected, Neverquest can record the usernames and passwords to online bank accounts and this information is then sent to anonymous hackers who can then use these to details to gain access to the accounts.

Neverquest can also hide on what appear to be official-looking login screens but are actually webpages seeded with malicious content.

Neverquest can also hide on what appear to be official-looking login screens but are actually webpages seeded with malicious content. An example of a seeded site is pictured. All the information a user enters on this page will be transmitted to cybercriminals automatically

After gaining access to a user’s account, cybercriminals make transactions and transfer money from the user to their own accounts or - to keep the trail from leading directly to them - to the accounts of other victims.

Sergey Golovanov, Principal Security Researcher, Kaspersky Lab, said: ‘After wrapping up several criminal cases associated with the creation and proliferation of malware used to steal bank website data, a few ‘holes’ appeared on the black market.

'New malicious users are trying to fill these with new technologies and ideas. Neverquest is just one of the threats aiming to take over the leading positions.’

Kaspersky Lab also said that protection against threats such as Neverquest requires more than ‘just standard antivirus’ and advises customers to be extra vigilant to make sure they only access official sites and don’t store passwords in cookies, or on their computers. Browsers should be kept up to date, too.



Read more: http://www.dailymail.co.uk/sciencetech/article-2516768/Bank-accounts-threat-advanced-Trojans-ever.html#ixzz2mLRYMrXb 
Follow us: @MailOnline on Twitter | DailyMail on Facebook

No comments:

Post a Comment