Global Banks Can’t Get Rid Of Malware

Digital World BlueA recent investigation by Lookingglass Cyber Solutions has reported that large global banks have a high incidence of infection by banking malware such as Conficker and Zeus;

both invade your computer after an Internet infection, search for your banking credentials, and monitor your online banking transactions to obtain your sign-on name and password. Then they submit a seemingly valid electronic funds transfer (EFT) that will empty your bank accounts, sending your money to a criminal bank account in another part of the world.

This discovery is three years after the Conficker worm first appeared.

On the surface, this looks like the world’s largest banks don’t make an effort to clean up their malware infections in a timely manner…but there may be another explanation.

The financial industry has done a fantastic job of electronically integrating their bank transfer transactions such as movement of funds between accounts in the same bank, between banks, and to and from Federal banks. Most electronic funds transfers (EFT) take place immediately and complete in a matter of seconds to hours, depending on the bank’s policies. However, there’s a dark side to this extremely efficient electronic environment…the majority of these transactions take place without any human interface; and there is so high a level of integration among the computers and networks of the thousands of banks across the world that computers and networks can and will be re-infected, sometimes more than once, until all the banks have cleaned the malware from their computers. This reminds me of the “whack-a-mole” game where the moles keep popping up over and over despite doing a good job of whacking them individually. It appears that this is what has caused Conficker and Zeus to be so prevalent in the banking industry; a mass re-infection.

There seems to be an almost impossible coordination effort required to eliminate malware in such an environment. However, the bright minds that designed the banking system will undoubtedly apply their resources to develop an equally clever method to quickly eliminate malware from the entire environment quickly enough to avoid re-infection. Here’s hoping someone out there in the banking world is listening…

Reference: SecurityWeek.com

As always, I appreciate your comments on this subject…so please do. And be careful out there…it’s extremely dangerous these days.

Don’t miss an article. If you enter your email address in the Email Subscriptions box on the right column of this page, I’ll send you an email when a new article is posted. I don’t share your email address with anyone…no one; I hate spam too. Please share my site with your friends and family. Thanks.

Home computing is a blast…keep it safe, productive and enjoyable.

Best regards,

Paul

lubicp(at)yahoo.com and if you twitter, follow me @paulsinternet on Twitter.

Advertisements

Leave a comment

Filed under Cybercrime, In the News, Internet Security, malware

What do you think?

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s