March 09, 18:29
MOSCOW, September 13. (Itar-Tass) – IT security experts working for G Data company has uncovered a new approach to digital attacks targeting clients of e-payment systems. A spokesperson said that it’s based on cloud computing: culprits use malware to discretely tap into data of e-payment transactions.
“Storing malware in ‘the cloud,’ severely hampers analysis of the attacks as well as creation of effective tools combating this new kind of digital threats,” experts admit. IT specialists explained that generally malicious software which goes after e-banking information is run on clients’ computers: virus files contain targeted websites and code which allows criminals to steal access information used by remote banking clients.
A few days ago G Data found a new configuration of the infamous e-banking virus Zeus, which is partially stored in the cloud. “Depending on the targeted website the virus may prompt a user to, say, input bank card details twice, allegedly for security purposes,” company spokesperson said. A similar approach is used by Ciavax virus which was detected this August.
The latest iteration of this kind of malware is even more impressive, experts admit. “Currently it’s impossible to determine which websites are targeted. Using manual methods of checking selected web addresses cannot be effective as a lot of requests to these sites may alert the culpting,” said Thomas Zibert, G Data anti-virus expert. He added that such new approaches to digital attacks not only makes curbing viruses hard, but also illustrates skillfulness of e-criminals.