Banking passwords stealing virus prowling in Indian cyberspace
The malware routes the users to fake banking sites for divulging user information
New Delhi: Cyber security sleuths have alerted e-banking users in the country against the infectious and destructive activity of a "worm" virus which attacks and steals personal login secrets and passwords of an individual. The virus, of the deadly Trojan variant, has been identified and named as 'Cridex' and is considered notorious as it can assume as many as six aliases to perpetrate its activities. "It has been observed that the new variants of Cridex malware are spreading widely.
Cridex is an information stealing e-banking Trojan that propagates via removable drives and targets users of online banking/social media for stealing user name, passwords among others," the Computer Emergency Response Team of India (CERT-In) said in its latest advisory to e-banking users in the country. The CERT-In is the nodal agency to combat hacking, phishing and to fortify security-related defences of the Indian Internet domain. The virus spreads by simultaneously opening a backdoor for downloading a number of malicious files once it enters a user's personal Internet working stream. "Like the other major banking Trojans, the malware performs web injects into the HTML pages of financial institutions contained in the configuration file.
The malware routes the users to fake banking sites for divulging user information and subsequently connects to the bank site from the victim IP address by bypassing IP reputation blocking," the agency said in its alert. Some of the identified aliases of this banking virus are 'Geodo', 'Dapato', 'W32/Kryptik.BVB', 'Worm.Win32.Cridex', 'PWS:Win32/Zbot' and 'Trojan.Gen.2' and can be noticed by these names when they appear online.
The agency said, once activated, the virus targets and steals login credentials of various banks and social networking sites like Facebook, Twitter and Instagram among others.The anti-sabotage cyber agency has also recommended some counter-measures for the users to deploy in their personal computers and Internet-enabled devices from where they perform their e-operations and online banking jobs. "Enable firewall at desktop and gateway level, keep up-to-date patches and fixes on the operating system and application software as well as anti-virus and anti-spyware signatures at entry points," it said.
It also suggested users to update and install the latest updates and softwares to protect computer from viruses, Trojans, guard against social engineering attacks, usage of strong passwords, limiting user privileges, exercising caution while opening attachments to emails received from known or unknown sources and avoiding downloading of pirated software.