Researchers at a US online security company have uncovered information on a ‘next-generation’ banking Trojan that steals money from victims’ accounts while they are logged in.
Over 22 days in August, the Trojan’s operators stole nearly US$438,000 from several hundred accounts with unnamed German banks.
The Trojan is able to calculate on-the-fly how much money is available in an account and how much of the balance to steal. It calculates a maximum and minimum theft that will not trigger antifraud systems and decides on a percentage of the cash to leave in the account.
It then displays a fake balance to account holders logged into their accounts.
“The Trojan is sending requests to the bank and getting replies that your browser doesn’t display,” security company Finjan’s Yuval Ben-Itzhak told Cnet.com. “You are looking at your account and you don’t see any of it.”
About 6,400 of the 90,000 computers that visited sites hosting the malware were infected.