Cybercriminals put a new spin on old threats

Top Stories

»	India’s export outlook brighter as manufactured goods gain share: RBI
»	Private consumption driving growth in Q3 with rural India taking lead: RBI
»	Indian MSMEs create about 10 crore jobs in 15 months
»	Indian prefer Q-commerce for daily essentials, physical stores for high-value buying
»	Embedded finance to unlock $25 bn revenue opportunity for India’s platforms by 2030

PR Newswire | 31 Jul, 2010

BOULDER: A disturbing Internet security trend is putting home PC users' identities at risk. Phishing Trojans, a kind of Internet security threat designed to steal your personal information and wreak other havoc on your PC, have been taking on new forms. In some cases, cybercriminals use them for "phishing" your log-in credentials and other sensitive information. In other cases, they're triggering phony antivirus programs to appear on your PC and trick you into giving away your credit card number in exchange for a solution you never receive.

Internet security experts at Boulder, Colorado-based Internet security service company Webroot have also identified malicious programs that leave your PC unusable after infection: Victims either cannot reboot their PCs once the data theft is complete, or their PCs crash when they attempt to remove the malware.

"In some cases, the crashes were the result of poor coding by the malware author," says Andrew Brandt, Lead Threat Research Analyst at Webroot. "But increasingly, it appears that this behavior is deliberate and occurs without warning. This unfortunate trend appears to be getting worse, leaving a raft of perplexed, angry victims unable to use their computers in the wake of an infection."

Home PC users with a taste for the more technical details of phishing Trojans will appreciate the following documentation of recent examples:

Zbot. Many phishing Trojans turn an infected computer into part of a botnet, a zombie army of Internet-connected computers that are controlled remotely and unbeknownst to their owners. Botnets can send spam, spread malware to other computers, engage in distributed denial-of-service attacks, serve as covert file storage areas and a host of other undesirable activities. It is speculated that new variants of Zbot may deliberately disable the PC as a distraction, making it more difficult for the victim to become aware that credentials were stolen and used until it is too late.

Tacticlol. This phishing Trojan arrives in email inboxes disguised as either UPS shipping information or some sort of Facebook account update. It typically downloads at least one rogue antivirus program when a victim unzips the attachment and runs the file. One of the rogues used in a recent infection is called XP Defender. The rogue itself disables common browsers, Outlook Express and other Internet-enabled applications, among other things.

To learn more about protection from phishing or how antivirus and antispyware programs from Webroot can protect you, visit http://www.webroot.com/En_US/consumer.html.

SOURCE Webroot