New strain of Gozi virus steals thousands of bank details

By

A fresh batch of the Russian Gozi virus has spread across the world stealing personal data from thousands of computer users.

New strain of Gozi virus steals thousands of bank details
The malware variant is similar to the original Gozi virus, which was detected in January, but has two new features.

These include a packing utility that encrypts, compresses and deletes sections of the virus code in order to evade detection by signature-based anti-virus software.

The Trojan also has an integrally coded keylogging function designed to capture and steal personal data, with the ability to snatch information from encrypted SSL streams.

The keylogging feature is activated when a user on an infected computer visits an e-banking website, according to reports.

So far, information compromised by the virus includes bank and credit card account numbers, online payment account details, usernames and passwords.

Don Jackson, a researcher at SecureWorks, uncovered the Trojan variant, which sends the stolen data to a server located in Russia.

"It is bad enough that this new version of Gozi can encrypt and rotate its program code to by-pass conventional signature detection, but the fact it can switch a keylogging function on and off when the infected PC reaches an e-banking web page makes it almost undetectable using conventional IT security technology," warned Geoff Sweeney, co-founder and chief technology officer of behavioural analysis software company, Tier-3.
Got a news tip for our journalists? Share it with us anonymously here.
Tags:

Most Read Articles

Ex-student charged over Western Sydney University cyberattacks

Ex-student charged over Western Sydney University cyberattacks

SA Water plans 'once-in-a-generation' core technology uplift

SA Water plans 'once-in-a-generation' core technology uplift

WhatsApp banned on US House of Representatives devices

WhatsApp banned on US House of Representatives devices

Victoria's first government tech chief steps down

Victoria's first government tech chief steps down

Log In

  |  Forgot your password?