Cyber criminals have created a highly sophisticated Trojan virus that steals online banking log-in details from infected computers.
The Clampi virus, which is spreading rapidly across hundreds of thousands of computers in Britain and the United States, infects computers when users visit websites that host a malicious code.
Once on the computer, the virus sits unnoticed until the user logs on to bank, credit card or other financial websites. It then captures log-in and password information and sends it to a server run by the attackers. They can then tell the compromised computer to send money to accounts that they control, or they can buy goods with the stolen credit card details.
The virus waits till you log into financial web sites
The trojan has a list of more than 4,500 finance-related websites that it monitors, including British high street banks. Security experts warned that it was one of the stealthiest and most pervasive threats to computers using the Microsoft Windows operating systems.
Orla Cox, security operations manager with Symantec, the online security company, said: “Clampi is a complex threat. People are only just beginning to understand how it operates.”
Researchers have found that the list of sites that Clampi is monitoring includes banks, credit card companies, online casinos, e-mail, wire transfer services, retail sites, utilities, share brokerages, mortgage lenders and government sites.
Ms Cox said: “The first big wave was in the US in July, but it is spreading around the world, particularly English-language countries. We have seen samples of it targeting UK high street banks. There is potential for another wave to come.”
- Similar posts
- Scareware installs fake software and raids your bank account (31.2%)
- Microsoft issues its biggest-ever security fix (29.3%)
- Facebook a trojan playground? (26.5%)
- Sophos releases free encryption tool for Windows (16.3%)
- One password for all spells disaster (16.2%)
- Microsoft's Security Bulletin for September (15.9%)
- Microsoft Security Essentials final version released (15.8%)
One Response to “Clampi virus on the loose”
Leave a Reply
You must be logged in to post a comment.
October 15th, 2009 at 8:40 am
A Pennsylvania organization that helps develop affordable housing learned a painful lesson about the hazards of online banking using the Windows operating system when a notorious trojan siphoned almost $480,000 from its account.
News reports here and here say $479,247 vanished from a bank account belonging to the Cumberland County Redevelopment Authority after it was hit by Clampi. The trojan gets installed by tricking users into clicking on a file attached to email and then lies in wait for the victim to log in to online financial websites. The authority has so far been able to recover $109,467 of the stolen loot.
The theft is part of a rash of online heists that have stolen millions of dollars from businesses and non-profit organizations. While circumstances are different in each case, they all point to a single point of failure: Each theft relied on the successful compromise of a Windows-based system.
It was this undeniable fact that led Brian Krebs – author of the Security Fix blog which over the past month has published a series of articles detailing high-stakes bank thefts – to recommend Windows machines no longer be used by those who choose to do their banking online.
“I do not offer this recommendation lightly,” he wrote. “But I have interviewed dozens of victim companies that lost anywhere from $10,000 to $500,000 dollars because of a single malware infection.”
To be clear, that’s malware that ran only on Windows.