The Mother of All Banking Trojans

Until recently, there were two main brands of Banking Trojan frameworks: Zeus and Spy Eye. Zeus was the Trojan that famously utilized Facebook as an attack vector last year. Move over guys, there's a new kid on the block: Feodo, which has the ability to deliver a payload that attacks over a dozen different banking institutions. Man, that's scary!

That's not the scariest one, though; that honor belongs to URLZone, which, if legend is to be believed, doesn't just steal your credentials: it actually transfers money out of your account (literally out from under your nose) but manipulates the browser to keep showing you your old balance.

It is said that Charles Darwin lost his religion after observing a specific wasp that laid its eggs in its victims, causing them to die in agony as the wasp's offspring ate their way out (it’s an apocryphal story but a good one anyway). Well, URLZone was like that for me: I couldn't sleep knowing that each time I touched my bank account I might be letting the bad guys take all my money. I eventually made an appointment with a neighborhood broker and invested that money to keep it safe.

Now there's rich irony for you -- moving money from your bank into equities to keep it safe.

It shouldn't be like that, should it? The FBI says that Zeus, Spy Eye and URLZone stole $100 million in 2008 and 2009. One would expect cyber-crime gains to be even larger this year as Feodo makes the rounds.

At the same time, it doesn't seem like online banking is going away, does it? In fact, your bank is encouraging you to do all your banking (including bill paying) online now, isn't it?

If you were to plot these two trends, rising cyber-crime and increasing online banking, you would expect a rise in the number of victims.

So what is to be done? The antivirus companies think we need to deploy them into the cloud (big surprise). I'm not sure that we'll be safe until you absolutely cannot install unsigned binaries onto your system. I'm not saying that would fix it for all cases, but it would leave an audit trail. Perps could get traced and locked up, and maybe money would be “safe” in our accounts again.

Published Nov 15, 2010
Version 1.0
