Trend Micro says Automatic Transfer System circumvents latest in banking
OTTAWA, June 18, 2012 /CNW/ - Trend Micro Incorporated (TYO: 4704;TSE: 4704), the global cloud security leader, today released a new threat report
that identifies an Automatic Transfer System (ATS) which allows cybercriminals to breach bank security measures and clean out a victims' bank accounts
without leaving signs of criminal activity.
The report, written by Trend Micro's Senior Threat Researcher, Loucif
Kharouni, discusses how the ATS tool is used in conjunction with SpyEye
and ZeuS malware variants to create a "Man in the Browser (MitB)"
attack. The attack does not require the criminal to be online during
the victim's session and will automatically conduct a wire transfer
using the victims' credentials, without alerting them.
Entitled "Automatic Transfer System, a New Cybercrime Tool" the report documents attacks that have been directed towards banks
which are using enhanced security measures, such as those that impose
daily account transfer limits and use two-factor authentication through
SMS notifications. Banks in Germany, the United Kingdom and Italy have
been targeted the most for these attacks.
"The attacks are of particular concern because they circumvent
traditional and even enhanced online banking security measures," said
Tom Kellermann, VP Cybersecurity, of Trend Micro. "Due to the seemingly
imperceptible way that this ATS tool modifies records, endpoint solutions must be used to prevent infections from starting or to detect the
threat after it has already affected a machine. Users should also
update their endpoints security systems frequently to ensure they
afford themselves the best chance to prevent these attacks."
The ATS tool currently only affects bank accounts where a PC running
Windows is used to access bank records. Unlike previous cybercrime tools that interact with SpyEye and ZeuS, the ATS tool also does not
prompt pop-up displays and will automatically perform several tasks
such as checking account balances, conducting wire transfers and
modifying account transactions to hide traces of the tool's presence.
No banks in Canada or the United States have reported to be affected
yet, but previous threats that have been linked with SpyEye and ZeuS
create the possibility that the tool can be repurposed to attack banks
in Canada or the United States.
About Trend Micro
Trend Micro Incorporated (TYO: 4704;TSE: 4704), the global cloud security leader, creates a world safe for exchanging digital information with its
Internet content security and threat management solutions for
businesses and consumers.
SOURCE Trend Micro Canada
For further information:
Media Contact Canada: Claire M. Tallarico, 416-616 9940