Beware of e-banking virus out to steal passwords

The Trojan variant virus has six aliases and may come as attachements

GN Bureau | February 11, 2015


#e banking   #trojan   #e banking virus   #banking news   #technology news  

A deadly virus with six aliases is on the prowl and most vulnerable are the e-banking users.

The Trojan variant virus, which has been named as 'Cridex' attacks and steals personal login secrets and passwords of e-banking customers.

Some of the identified aliases of this banking virus are 'Geodo', 'Dapato', 'W32/Kryptik.BVB', 'Worm.Win32.Cridex', 'PWS:Win32/Zbot' and 'Trojan.Gen.2' and can be noticed by these names when they appear online.

"It has been observed that the new variants of Cridex malware are spreading widely. Cridex is an information stealing e-banking Trojan that propagates via removable drives and targets users of online banking/social media for stealing user name, passwords among others," the Computer Emergency Response Team of India (CERT-In) said in its latest advisory to e-banking users in the country.

"Like the other major banking Trojans, the malware performs web injects into the HTML pages of financial institutions contained in the configuration file. The malware routes the users to fake banking sites for divulging user information and subsequently connects to the bank site from the victim IP address by bypassing IP reputation blocking," the agency said in its alert.

The agency said, once activated, the virus targets and steals login credentials of various banks and social networking sites like Facebook, Twitter and Instagram among others.

Steps to be taken by users

Enable firewall at desktop and gateway level; update patches and fixes of the operating system and application software; update anti-virus and anti-spyware signatures at entry points; update and install the latest updates and softwares to protect computer from viruses, Trojans; guard against social engineering attacks; opt for strong passwords with alpha numeric characters; resist temptations of opening attachments from known or unknown sources and do not download pirated software.

What is CERT-IN?

CERT-In (the Indian Computer Emergency Response Team) is a government-mandated information technology (IT) security organization. The purpose of CERT-In is to respond to computer security incidents, report on vulnerabilities and promote effective IT security practices throughout the country.

CERT-In was created by the Indian Department of Information Technology in 2004 and operates under the auspices of that department. According to the provisions of the Information Technology Amendment Act 2008, CERT-In is responsible for overseeing administration of the Act.

CERT organizations throughout the world are independent entities, although there may be coordinated activites among groups. The first CERT group was formed in the United States at Carnegie Mellon University.

Comments

 

Other News

80 percent abortion in India through medicines: Lancet

 Three in four abortions in India are through drugs from chemists and informal vendors rather than from health facilities, said a report in The Lancet. An estimated 15.6 million abortions were performed in the country in 2015, reports The Lancet in its latest released paper on ‘Inciden

A turbulent journey so far for seaplanes in India

Prime minister Narendra Modi’s seaplane ride in Gujarat is certainly unique, but it is not as historic as it is being made out to be. Gujarat chief Minister Vijay Rupani said this is for the first time in the history of the country that a sea-plane will land on a water body and that wi

GAIL fast tracks implementation of Pradhan Mantri Urja Ganga project

 GAIL has awarded a contract for laying 520 km gas pipeline connectivity from Dobhi (Bihar) to Durgapur (West Bengal), including 120 km line to Jamshedpur (Jharkhand). With these awards, major contracts for phase two of the Jagdishpur-Haldia and Bokaro-Dhamra natural gas pipeline (JHBDPL) project have

Indane LPG refill booking through FB, Twitter launched

 IndianOil corporation (IOCL) has launched Indane LPG cylinder refill booking through social media platforms like Facebook and Twitter. Director (marketing) Gurmeet Singh emphasised on the need to leverage technology and the growing social media to provide simpler and effective options to cu

Time for India to adopt DNA forensics to solve crime

Forensic DNA has emerged as the world’s greatest crime fighting technology. Many countries are effectively using forensic labs and protocols to collect, test and compare DNA at crime scenes with that of suspects with promising results. While the law machinery the world over is increasi

Do you think sea-planes can be used to improve air connectivity?

Do you think sea-planes can be used to improve air connectivity?



Video

Current Issue

Opinion

Facebook    Twitter    Google Plus    Linkedin    Subscribe Newsletter

Twitter