The Trojan variant virus has six aliases and may come as attachements
GN Bureau | February 11, 2015
A deadly virus with six aliases is on the prowl and most vulnerable are the e-banking users.
The Trojan variant virus, which has been named as 'Cridex' attacks and steals personal login secrets and passwords of e-banking customers.
Some of the identified aliases of this banking virus are 'Geodo', 'Dapato', 'W32/Kryptik.BVB', 'Worm.Win32.Cridex', 'PWS:Win32/Zbot' and 'Trojan.Gen.2' and can be noticed by these names when they appear online.
"It has been observed that the new variants of Cridex malware are spreading widely. Cridex is an information stealing e-banking Trojan that propagates via removable drives and targets users of online banking/social media for stealing user name, passwords among others," the Computer Emergency Response Team of India (CERT-In) said in its latest advisory to e-banking users in the country.
"Like the other major banking Trojans, the malware performs web injects into the HTML pages of financial institutions contained in the configuration file. The malware routes the users to fake banking sites for divulging user information and subsequently connects to the bank site from the victim IP address by bypassing IP reputation blocking," the agency said in its alert.
The agency said, once activated, the virus targets and steals login credentials of various banks and social networking sites like Facebook, Twitter and Instagram among others.
Steps to be taken by users
Enable firewall at desktop and gateway level; update patches and fixes of the operating system and application software; update anti-virus and anti-spyware signatures at entry points; update and install the latest updates and softwares to protect computer from viruses, Trojans; guard against social engineering attacks; opt for strong passwords with alpha numeric characters; resist temptations of opening attachments from known or unknown sources and do not download pirated software.
What is CERT-IN?
CERT-In (the Indian Computer Emergency Response Team) is a government-mandated information technology (IT) security organization. The purpose of CERT-In is to respond to computer security incidents, report on vulnerabilities and promote effective IT security practices throughout the country.
CERT-In was created by the Indian Department of Information Technology in 2004 and operates under the auspices of that department. According to the provisions of the Information Technology Amendment Act 2008, CERT-In is responsible for overseeing administration of the Act.
CERT organizations throughout the world are independent entities, although there may be coordinated activites among groups. The first CERT group was formed in the United States at Carnegie Mellon University.
Prime Minister Narendra Modi has laid the foundation stone of hydro engineering college at Bilaspur in Himachal Pradesh. The college, being set up by National Thermal Power Corporation (NTPC) and NHPC, will provide B Tech courses in mechanical, electrical, civil and computer science discipl
Bharat Heavy Electricals Limited has commissioned a three Mega Watt solar photo voltaic power plant in Dadra and Nagar Haveli. BHEL executed this project on a turnkey basis for Dadra and Nagar Haveli power distribution corporation limited at Velugam. It
Time to go back to the drawing board, said Delhi chief minister and Aam Aadmi Party leader Arvind Kejriwal on Saturday, days after his party failed to make its mark in the Delhi civic elections. In a message, Kejriwal said that in the last 2 days, I spoke to many vo
The tax net needs to be expanded and the rich farmers must pay up their taxes. This week saw quite a bit of going back and forth over this prickly issue after Niti Aayog member Bibek Debroy batted for taxing agricultural income. Niti Aayog vice chairman A
A giant yellow inflatable schistosomiasis worm, with ‘Making Schistory’ printed on it, floated on Lake Geneva, marking the five years since the London Declaration on neglected tropical diseases (NTDs). Though in 2015 about 1.59 billion people received treatment for at least
In order to provide broadband connectivity of BharatNet to post offices in rural areas, Bharat Broadband Network Limited (BBNL), department of posts and Bharat Sanchar Nigam Limited (BSNL) have signed a tripartite agreement. The agreement is the first tri-partite MoU which