June 30, 2004

Trojan targets user's financial information

Executable file disguises itself as an image and seems to spread through pop-up ads

Security researchers warned Tuesday of a new security threat making the Net rounds: A file that appears to spread through pop-up ads and capture personal data.

The Trojan horse file poses as an image file named "img1big.gif" but is actually an executable that installs a malicious add-on to Microsoft Corp.'s Internet Explorer browser. The add-on, known as a BHO, or browser helper object, then monitors for and records outbound data to the Web sites of several dozen financial institutions, according to an analysis posted on the SANS Institute's Internet Storm Center Web site.

Targeted Web sites include those operated by Citibank, Canadian Imperial Bank of Commerce and Deutsche Bank, according to the analysis.

"I believe that this particular type of malware represents a huge threat to the online financial industry," researcher Tom Liston wrote in the report. "As the proliferation of ad/spyware shows, installing executable software on a user's machines is far too easy."

The Trojan came to the Internet Storm Center's attention when a user found the file on a machine at his company and sent it in for analysis.

The Internet Storm center recommends a tool called BHODemon, which lists all BHOs installed on a system and allows the user to disable malicious ones. The free program is available at http://www.definitivesolutions.com/bhodemon.htm.

Sign up to receive Security Resource Alerts

Subscribe to the Security Central Newsletter

The one-stop resource center for IT professionals.

White Paper

CA Security Management Solutions

A comprehensive security management solution can help you streamline, as well as grow, your current or evolving business. In this way, a strategic security approach can help you increase your competitiveness in these challenging market conditions.

Download now! »

White paper

Beyond Compliance: The Significant Benefits of Log Management

Find out how you can effectively collect, normalize and archive enterprise-wide, security-related data that is invaluable for security investigation and compliance reporting.

Download now! »

Webcast

Integrated Identity Compliance: Enabling Cost-Effective Role-Based Compliance

This session focuses on the intersection of role management and identity compliance, and addresses the importance of identity compliance in enterprise governance and the challenges that organizations may face in achieving it.

View now! »
©1994-2009 Infoworld, Inc.