New Trojan Targets Online Banking

Jun 17, 2014

Dyreza malware launches a man-in-the-middle attack that compromises SSL.

Danish security experts at CSIS have discovered a new malware tool that targets online banking. The Dyreza trojan is launched from a phishing email message that includes a zipped document. Unzipping the attachment delivers the malware to the user's system.
According to CSIS, once the trojan is installed, it can circumvent SSL security, reading the user's encrypted SSL sessions in a man-in-the-middle attack. The attacker is thus able to hijack remote banking sessions. Peter Kruse, security specialist with CSIS, reports that the confirmed target list includes Bank of America, NatWest, Citibank, RBS, and Ulster Bank – other banks might also be affected. 

Related content

comments powered by Disqus

Issue 168/2014

Buy this issue as a PDF

Digital Issue: Price $9.99
(incl. VAT)

News