How would you feel about a computer infection that could lie to your bank about your online transactions? What would happen if details such as who you are paying and how much, could be changed without you knowing it?
That’s exactly what can happen with the current crop of transactional trojans. This is called screen injection, HTML overlayor the man-in-the-browser attack.
This type of infection can spy on you while you are online at many banking sites. ATM PINs, social security numbers and answers to secret questions are the types of information that will be stolen.
Previously, we’ve written about the Zeus trojan, which is the current king of the transactional trojans. Zeus used some very unique command-and-controlinterfaces that actually fooled security experts into giving up information. The Zeus trojan was also used to infect hundreds of U.S. Government employees when they opened a fake Christmas Card email from the White House.
If that’s not scary enough, there are more trojans out there that are being bred to compete with Zeus. According to TrustDefender, a well known security provider, a trojan named Carberp has recently added a whole slew of new features. These new features are intended to make it just as useful to black hats as Zeus. Here are some of the features:
- It can run on non-administrator accounts.
- It can infect XP, Vista and Seven machines.
- It doesn’t make changes to the Window registry.
- It hooks into the web browser to control all internet traffic.
- It’s able to transmit real-time data to it’s masters.
It also covers it’s identity by appending random data into itself to foil normal anti-virus detection. The fact that it can run in non-admin mode and doesn’t write to the registry also makes it harder to detect. To most security software, Carberp could appear to be a simple browser add-on or extension.
The older Zeus trojan hasn’t been improved recently, and it looks like there’s a battle brewing that will decide the next popular trojan. Carberp is in the running with two or three others, such as SpyEye and Gozi.
It’s a rat race, with security experts always trying to build a better trap for the fast rats that keep breeding even faster rats. The security field profits from this race and so do the hackers.
We are the big losers.