|Kaspersky Lab has recorded 'several thousand' attempts to infect computers used for online banking, it said today. |
The Trojan program, dubbed Neverquest, supports 'just about every possible trick' used to bypass web banking security systems including web injection, remote system access and social engineering.
Security experts Kaspersky Lab predicts a sharp rise in the number of attacks involving Neverquest, which steals usernames and passwords to bank accounts, and data entered by users into modified pages of a banking website.
After gaining access to a user's account via online banking, cybercriminals conduct transactions and wire money from the user to their own accounts or - to keep the trail from leading directly to them - to the accounts of other victims.
Special scripts for Internet Explorer and Firefox are used to facilitate these thefts, giving the malware control of the browser connection with the cybercriminal's command server.
An investment fund appears to be the top target, so far, says Kaspersky Labs experts.
Its website offers clients a long list of ways to manage their finances online, giving malicious users the chance to transfer cash funds to their own accounts but also to play the stock market, using the money of Neverquest victims.
"Neverquest is just one of the threats aiming to take over the leading positions previously held by programs like ZeuS and Carberp," says Sergey Golovanov, Principal Security Researcher, Kaspersky Lab.
The weeks prior to the Christmas and New Year holidays are traditionally a period of high malicious user activity.
During November there have been instances where posts were made in hacker forums about buying and selling databases to access bank accounts and other documents used to open accounts to which stolen funds are sent.
The full version of the article on Neverquest is available at securelist.com