New variant of Pinch Trojan detected with 4000 users already infected

By on

A new variation of the Pinch Trojan has been detected by Prevx.

A new variation of the Pinch Trojan has been detected by Prevx.

 

Director of malware research Jacques Erasmus, claimed that the Trojan is still infecting users despiten its creators being arrested more than a year ago. Data also showed that more than 4000 users had been infected yesterday from one variation.

 

Of the 4000 people infected, 392 are from the USA, 335 from Brazil, 93 from China and 73 from the UK. The data also shows that out of the 4000 people infected, more than 150 were already running active anti-virus software, underlining the fact that despite the source code being over a year old, it is still bypassing traditional signature-based anti-virus.

 

Prevx has reported the location distributing the malware to the relevant ISP, which has subsequently been shut down.

 

Erasmus said: “This data is an interesting insight into the modern world of the malware developer. By simply buying the software kit off the internet and adding a few custom tweaks, the owner of this particular variation is managing to get round major anti-virus software and stealing peoples credit card details, passwords and other personal information.

 

“The code to create this Trojan has been on forums and passed around, I have seen two to three versions a day created and tested out, either on virus websites or on our products.”

 

He claimed that there are a few specific features of the Pinch Trojan, specifically that it will infect both Internet Explorer and Firefox to monitor and collect passwords and credit card details. From a corporate perspective, it can steal technical services and remote credentials, and can login to the network using these details.

 

Erasmus said: “This is only variant of it, and there are a large number of possibilities for other versions. Anyone trying to make a business out of malware can simply get the code and give it a try.

 

“It just goes to underline that the signature-based approach is not enough - what is needed is a complementary anti-virus approach which can detect malware using a different technique. Only by taking this approach can people catch these latest types of malware.”

See original article on scmagazineus.com

Copyright © SC Magazine, US edition
Tags:
detected infected pinch prevx security trojan

Most Read Articles

SA Dept Premier and Cabinet sacks CIO

SA Dept Premier and Cabinet sacks CIO
Optus fibre cable cut in Melbourne

Optus fibre cable cut in Melbourne
NBN Co finally reveals satellite users who will lose ADSL

NBN Co finally reveals satellite users who will lose ADSL
Equifax's top tech execs leave 'effective immediately'

Equifax's top tech execs leave 'effective immediately'
You must be a registered member of iTnews to post a comment.
| Register

Whitepapers from our sponsors

The 5G Business Potential – Industry digitalisation and the untapped opportunities for operators
The 5G Business Potential – Industry digitalisation and the untapped opportunities for operators
Solving IT complexity
Solving IT complexity
Optimising Enterprise Data Centres for the Cloud
Optimising Enterprise Data Centres for the Cloud
Growing companies have a growing interest in technology
Growing companies have a growing interest in technology
RSA NetWitness® Endpoint. Respond 3X Faster to Threats
RSA NetWitness® Endpoint. Respond 3X Faster to Threats

Events

Log In

Username:
Password:
|  Forgot your password?