Beware of Eurograbber: a 36 million euro computer virus enters users' bank accounts

A virus exploits the software update procedures of mobile phones and computers, and through the authentication processes it enters the users' current accounts to withdraw sums from 500 to 250 thousand euros.

Not even the classic bank robbery is immune to technological progress: this is the case with the brand-new virus "Eurograbber", a "Trojan horse" that has infected the PCs of about thirty thousand users in Italy, Spain, Germany and the Netherlands.

The virus, and this is the innovative feature of the program, spreads from the home computer to the mobile phone and was specifically designed to infiltrate online banking systems, which are increasingly popular among consumers today.

When both PC and mobile phone are infected, the verification codes sent to authenticate the connection between devices are recorded by the virus, which uses them later to open "shadow sessions" in real time. At this point the trojan gets the green light to transfer sums ranging from 500 to 250 thousand euros to other accounts. So far, at European level, the sums withdrawn amount to approximately 36 million euros.

There are about thirty banking institutions whose deposits have been defrauded by the virus, perpetrator of the second largest bank fraud of the year.

Eurograbber began to spread from Italy, using as a "vector" a variant of the "Zitmo" trojan, also known as "Zeus", a virus specifically designed for mobile phones, which remains undetected, without arousing suspicion, only to be unleashed at the appropriate moment.

No cell phone seems to be safe: the malware has been specifically designed to "take root" on very common phones, and the target banks are institutions of primary importance on the continent.

Two-step authentication, in which a user enters a second, bank-generated code in addition to the normal password, is a very common verification process in online banking. Google also uses it to make "cloud computing" processes more secure. The method is so common that about thirty percent of European banking institutions use it.

The first attacks were recorded last August, but investigations seem to confirm that the first forms of infection had been detectable since the beginning of 2012. In any case, don't worry: banks have already notified customers infected with the virus, often users of Android or BlackBerry phones.

The virus invites users to update their online banking software, usually via SMS or email. When the victim opens the link, a Trojan automatically installs itself on the mobile phone, giving hackers privileged access to banking systems from home.

To avoid infection, it is sufficient to keep your computer and mobile phone updated, but only through official sources, and to avoid opening links from uncertain sources.

source: Financial Times 
