Banking Malware: Sophistication Rises In Longtime Botnet Families

Banking Botnets Gain Functionality

Banking Trojans have long been stealing account credentials and draining accounts, and they have been steadily increasing. The malware can blow past most two-factor authentication and password schemes, said Joe Stewart, director of malware research at Dell SecureWorks Counter Threat Unit in an interview with CRN. It is forcing some banks to issue independent hardware devices to certain users who conduct high-value transactions, Stewart said. An Android app called Cronto is becoming increasingly popular. The ability to take a video of the victim's screen to capture the passwords and other information has been added to at least seven different malware families. Authors also are using it to gain intelligence, looking at screen captures and videos to figure out where they can inject code for future attacks. Dell SecureWorks has outlined the top banking Trojan families of 2013 in a new report

Get a roundup of CRN's security coverage right to your inbox with the Security Advisor newsletter.