Computer hackers are employing a ‘Trojan horse’ virus to target users of online banking sites, according to researchers from computer security company Trend Micro. They have dubbed the latest attack ‘Emmental’ as, like the Swiss cheese, they believe online banking protections are “full of holes”.
The company, which issued its report at the same time as Switch, the computer emergency response team for Swiss universities, said that the hacking is targeted at bank clients in Switzerland, Austria, Japan and Sweden.
The researchers uncovered what they say is a sophisticated, multi-stage attack by cybercriminals determined to bypass the so-called two-factor authentication systems at banks in each of the four countries.
While most online banking sites ask for a single password, two-factor authentication systems require customers to enter a second, one-time password that has been emailed or texted to their mobile phone. The intent is that a second identifying factor eliminates the risk that criminals can break into customers’ accounts simply by stealing an online password.
However, Trend Micro found that hackers were able to bypass the two-factor authentication systems at the European and Japanese banks using sophisticated malware known as Retefe. Hackers are sending online bank users fake emails that carry attachments and show the letterheads of popular online retailers.
Clients who open the attachments download the malware, which directs them to a fake site managed by criminals when they try to access a legitimate bank site.
The fake sites asked the clients to enter their account details, password and personal identification number (PIN). Trend Micro said that six banking websites in Austria, seven in Sweden, 16 in Switzerland and five in Japan have been subjected to the scam.
The criminals also encouraged victims to download a mobile application, available in Google’s Android store.
The app posed as a measure to improve security. However, once downloaded, it allowed criminals to gain full access to their victims’ bank accounts. It was able to intercept the second password that legitimate banks send their customers so that they can log into their bank accounts remotely.
The attackers then sent that password to their own command and control server. Combined with the victim’s stolen online banking credentials, it allowed the hackers to pilfer their victims’ accounts.
Trend Micro said that it had tracked the hacking to Romania but the culprits are “most likely Russian speakers” who use “shady Russian cyber-criminal underground market services”. The company believes the criminals to have been active since 2011.
Switch said antivirus programs from Android offer good protection against the malware scammers “but unfortunately few people still use such software on their smartphones”.
Trend Micro said that it had notified banks “so they could take appropriate measures to protect their clients”. It recommends that they use more advanced defences against malware and ‘phishing’, the sending of emails to illegally obtain confidential information.