Beware of e-banking virus out to steal passwords

The Trojan variant virus has six aliases and may come as attachements

GN Bureau | February 11, 2015


#e banking   #trojan   #e banking virus   #banking news   #technology news  

A deadly virus with six aliases is on the prowl and most vulnerable are the e-banking users.

The Trojan variant virus, which has been named as 'Cridex' attacks and steals personal login secrets and passwords of e-banking customers.

Some of the identified aliases of this banking virus are 'Geodo', 'Dapato', 'W32/Kryptik.BVB', 'Worm.Win32.Cridex', 'PWS:Win32/Zbot' and 'Trojan.Gen.2' and can be noticed by these names when they appear online.

"It has been observed that the new variants of Cridex malware are spreading widely. Cridex is an information stealing e-banking Trojan that propagates via removable drives and targets users of online banking/social media for stealing user name, passwords among others," the Computer Emergency Response Team of India (CERT-In) said in its latest advisory to e-banking users in the country.

"Like the other major banking Trojans, the malware performs web injects into the HTML pages of financial institutions contained in the configuration file. The malware routes the users to fake banking sites for divulging user information and subsequently connects to the bank site from the victim IP address by bypassing IP reputation blocking," the agency said in its alert.

The agency said, once activated, the virus targets and steals login credentials of various banks and social networking sites like Facebook, Twitter and Instagram among others.

Steps to be taken by users

Enable firewall at desktop and gateway level; update patches and fixes of the operating system and application software; update anti-virus and anti-spyware signatures at entry points; update and install the latest updates and softwares to protect computer from viruses, Trojans; guard against social engineering attacks; opt for strong passwords with alpha numeric characters; resist temptations of opening attachments from known or unknown sources and do not download pirated software.

What is CERT-IN?

CERT-In (the Indian Computer Emergency Response Team) is a government-mandated information technology (IT) security organization. The purpose of CERT-In is to respond to computer security incidents, report on vulnerabilities and promote effective IT security practices throughout the country.

CERT-In was created by the Indian Department of Information Technology in 2004 and operates under the auspices of that department. According to the provisions of the Information Technology Amendment Act 2008, CERT-In is responsible for overseeing administration of the Act.

CERT organizations throughout the world are independent entities, although there may be coordinated activites among groups. The first CERT group was formed in the United States at Carnegie Mellon University.

Comments

 

Other News

Food security: Solution lies in traditional food

After spending almost a month among tribals of Mandla in Madhya Pradesh, I can confidently say that by restricting ourselves to Public Distribution System (PDS), we cannot solve the food security issues of the country.   The problem is graver. In a district like Mandla, where aboriginals like Bai

Wholesale price index inflation down

The annual rate of inflation, based on monthly Wholesale Price Index (WPI), stood at 2.60% (provisional) for the month of September, 2017 (over September,2016) as compared to 3.24% (provisional) for the previous month and 1.36% during the corresponding month of the previous year, authorities said.

Digital India to provide 20-30% increase in India’s GDP by 2025: Alphons

Digital India program has the potential to provide an incremental 20-30 percent increase in India’s GDP by 2025. Since its launch in July 2015, significant progress has been made in several initiatives under Digital India, said union minister KJ Alphons. Several of the flagship project

Senior railway officer Achal Khare on the bullet train roadmap

Achal Khare, MD, National High Speed Rail Corporation, is a man with big responsibility – of realising India’s dream of running a bullet train. In conversation with Vishwas Dass, Khare lists various challenges before the NHSRCL – the executing agency of the Ahmedabad-Mumbai high speed

Why bullet trains are unsuitable for India

Many will be surprised to know that 80 years ago, trains ran at a faster speed in North America and Western Europe than in India today. On the shorter distances (up to 500 km), daytime inter-city trains achieved average speed of 120 to 130 kmph, and on the longer routes (more than 1,000 km) speed was only

Biting the bullet train

If all goes well, India’s first high-speed train would zip by in  December 2023. In fact, railways minister Piyush Goyal is even confident that the 508-km Ahmedabad-Mumbai high-speed rail (HSR) project would be completed much before that, by August 2022 – on the country’s 75th indepe



Video

Finally Talwar’s out from Dasna  jail

Current Issue

Opinion

Facebook    Twitter    Google Plus    Linkedin    Subscribe Newsletter

Twitter