Five of the top eight banking Trojans can capture snapshots of victims’ behaviour, according to a research report from Dell Secureworks.
The malware does not just capture bank details and login credentials, but also helps attackers build up a picture of user behaviour and interactions with banking sites.
According to the report, cyber criminals also use information about victims’ behaviour to hide their own digital footprints when they steal the money from the victims’ bank accounts.
Cheap storage and higher bandwidth net links help cyber thieves to extract image streams, according to Brett Stone-Gross, a senior researcher at Dell and co-author of the report.
Some of the botnets linked to malware covered by the report first emerged in 2006-7, and have survived repeated attempts to shut them down.Stone-Gross said this method had been used by cyber criminals to steal millions of dollars from bank accounts in mostly unreported thefts, reports the BBC.
"Their longevity is a testament to how much money is involved and how lucrative they are," said Stone-Gross.
According to the report, the top banking Trojans have targeted customers at 900 banks and other financial institutions in more than 65 countries.
While all users of online banking are at risk, Stone-Gross said cyber criminals are increasingly targeting people with access to commercial banking and payroll systems.
The banking Trojan malware is typically distributed through malicious email attachments, compromised websites and online adverts injected with malicious code.
Some of the biggest online heists have used denial of service(DoS) attacks to create a diversion and prevent victims from accessing their accounts.
Top banking botnets
- Gameover Zeus