Neverquest trojan targets online banking: SECURITY FIRM Kaspersky has revealed details about a serious threat to online banking.
The Trojan known as Neverquest is said by its creators to be capable of breaking into “any bank in any country”.
It has already managed to bypass standard security precautions put in place by banks including safeguards against web injection, remote system access and social engineering.
Kaspersky Lab principal security researcher Sergey Golovanov said, “After wrapping up several criminal cases associated with the creation and proliferation of malware used to steal bank website data, a few ‘holes’ appeared on the black market.
New malicious users are trying to fill these with new technologies and ideas. Neverquest is just one of the threats aiming to take over the leading positions previously held by programs like Zeus and Carberp.”
The virus works by creating “cuckoo” pages in Internet Explorer and Firefox that record all data entered from 28 websites targeted by the criminals. One target is an investment fund that allows not only the transfer of money but actually playing the stock market using the stolen credentials.
It is also capable of providing the data required to perpetuate itself and build new dummy pages for other institutions.
Naturally, Kaspersky is also keen to point out that standard anti-virus software is not suitable to prevent this kind of attack and that it requires an process that prevents webpages from being manipulated by another program. We imagine that there are companies that offer this kind of protection, but we can’t think of any names off the tops of our heads.
We’ve contact Kaspersky to give us some idea of the speed at which this Trojan is being spread, but we already know that that it has monitored several thousand attempts to access bank computers.