News Advanced Threats

Researchers Identify Banks Targeted In Forthcoming Attack

Tim Wilson

See more from Tim

Connect directly with Tim: Bio | Contact

Bank of America, Chase, Citibank said to be among institutions under the gun from planned Gozi-Prinimalka malware attack

Tim Wilson October 15, 2012

Researchers say they have some 26 banks that are being targeted in an evolving series of attacks on U.S. financial institutions.

The banking attacks, which were first reported two weeks ago by researchers at RSA, are a coordinated effort that may involve more than 100 cybercriminals, according to reports.

More Security Insights

White Papers

More >>

Reports

More >>

Webcasts

More >>

In a blog published late last week, researchers at Trend Micro said they have analyzed the configuration files of the Gozi-Prinimalka malware that is being used in the attacks, and have developed a list of 26 institutions that are being targeted by the cybercriminals.

According to Trend Micro, customers of the following financial institutions are at increased risk: Accurint; American Funds; Ameritrade; Bank of America; CapitalOne; Charles Schwab; Chase; Citibank; eTrade; Fidelity; Fifth Third Bank; HSBC; M&T Bank; Navy Federal Credit Union; PNC; Regions Financial Corporation; Scottrade; ShareBuilder; State Employees Credit Union; Suntrust; The Huntington National Bank; United States Automobile Association; USBank; Wachovia; Washington Mutual; and Wells Fargo.

A study of the malware's configuration files "clearly shows ... which [targets] were at risk, as well as giving insights into the code that is used to modify the sites in question," the blog states.

"We are in contact with the above financial institutions in order to help mitigate this threat," the researchers say. "In the meantime, we advise clients of the institutions listed above to pay particular attention to any wire transfers made out of their accounts, as it is believed that this is how the attack will be conducted by the attackers."

The malware may be found on enterprise machines as BKDR_URSNIF variants, such as BKDR_URSNIF.B, Trend Micro says. The company says its software is blocking the malware.

Have a comment on this story? Please click "Add a Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.

Tim Wilson

See more from Tim

Connect directly with Tim: Bio | Contact

Dark Reading Discussions

Start the Discussion

To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy.

Follow Dark Reading

Dark Reading Reports

Advanced Persistent Threats: The New Reality

For most organizations, the imminent danger that advanced persistent threats pose has been relatively low. That's changing as attackers' target base widens, their knowledge grows and their cyber weapons trickle down to the hacker masses. In this Dark Reading report, we examine the current APT landscape and provide recommendations for protecting your organization against this growing concern.
Trends In Mobile Device Threats

While there's some debate about the level of threat mobile devices pose, there's no question that the threat is growing. With readily available information about the devices in use, and often few corporate safeguards in place, mobile devices are turning out to be a lucrative vector for attackers looking for an in to enterprise networks. In this Dark Reading report, we explain how the threat is growing, what attackers are targeting and why you need to be concerned.
Heading Off Advanced Social Engineering Attacks

Social engineering attacks are getting increasingly sophisticated, but there's only so much the law and technology can do to protect your organization. In this Dark Reading report, we detail how a social engineering attack is developed and what IT professionals can do to prevent their users from being targets and victims.

Other reports from the Advanced Threats Tech Center:

Related Content

Sponsored by

The Rising Threat of Corporate Cybercrime: Cybercriminal Motives and Methods

Cybercriminals are leveraging vulnerabilities of the Internet, browsers, operating systems, and applications to secretly and proficiently gain access to corporate information assets. Compromising employee endpoints with malware has become the preferred method; a far simpler path into the corporate network than a direct network attack. Our latest white paper discusses the cybercriminal motives and methods, and presents the need for Enterprises to recognize this growing danger and implement technologies that effectively prevent malware, the root cause of cybercrime.
Evolving Endpoint Malware Detection, Dealing with Advanced and Targeted Attacks

Advanced malware targeting employee endpoints is a major threat to corporate intellectual property, regulated data and financial assets. Perimeter and traditional endpoint defenses are struggling to meet this emerging threat in the face of a changing IT landscape: desktop virtualization, remote access, BYOD and Cloud migration. This whitepaper explains how advanced malware challenges traditional defenses to take advantage of the increased exposure of employee endpoints. It review's the evolution of advanced targeted attacks, the various approaches used to address them and how organizations should think about their current and future malware defense strategy.
Zero-Day Exploits and APTs: Security Requirements vs. Operational Challenges

Enterprises are losing the battle against advanced, information-stealing malware attacks. We continuously discover new application vulnerabilities which are quickly exploited by cybercriminals. Traditional blacklisting solutions don't work, and more advanced whitelisting-solutions are unmanageable. How do you overcome the manageability and operational challenges of advanced malware protection?

In this webinar, guest speaker Rick Holland, senior analyst serving Security & Risk Professionals at Forrester Research, Inc., will discuss the security and operational challenges associated with advanced malware protection. Rick will review the technical and operational requirements organizations should consider when looking to prevent and mitigate advanced malware. Dana Tamir, Director of Product Management at Trusteer, will then introduce Trusteer Apex which applies a new groundbreaking approach for stopping zero-day exploits and data exfiltration.

Free Research and Reports

What's this?From the Editors of DarkReading

More >>

Box Icon

Whitepapers

What's this?

More >>

Box Icon

Dark Reading Digital Magazine

Dark Reading May 2013 Digital Supplemental Issue

Back Issues

In This Issue

The Future Of Web Authentication: Password technology is out of steam. We need safer ways to prove who's who online.
Rethink ID Management: If the technology continues to improve, it might soon be OK for all of us to be one person on the Web.

Download Now

First Name*:
Last Name*:
Email Address*:
Job Title:
Company/Organization/Gov't Dept.:
*Required field
Privacy Statement

Security

Protect The Business - Enable Access

News Advanced Threats

Researchers Identify Banks Targeted In Forthcoming Attack

Bank of America, Chase, Citibank said to be among institutions under the gun from planned Gozi-Prinimalka malware attack

More Security Insights

White Papers

Reports

Webcasts

Related Reading

Dark Reading Discussions

Start the Discussion

Follow Dark Reading

Dark Reading Reports

Advanced Persistent Threats: The New Reality

Trends In Mobile Device Threats

Heading Off Advanced Social Engineering Attacks

Sign up for the Dark Reading Daily email newsletter

Free Research and Reports

Whitepapers

Upcoming Events

Dark Reading Digital Magazine

In This Issue

News Advanced Threats

Researchers Identify Banks Targeted In Forthcoming Attack

Bank of America, Chase, Citibank said to be among institutions under the gun from planned Gozi-Prinimalka malware attack

More Security Insights

White Papers

Reports

Webcasts

Related Reading

Dark Reading Discussions

Start the Discussion

Follow Dark Reading

Dark Reading Reports

Related Content

Dark Reading Newsletter

Sign up for the Dark Reading Daily email newsletter

Free Research and Reports

Whitepapers

Upcoming Events

Dark Reading Digital Magazine

In This Issue