(WEB HOST INDUSTRY REVIEW) -- IT security provider Trusteer (http://www.trusteer.com/) announced on Tuesday via its blog new research findings that show an increasing number of financial institutions are being targeted by the SpyEye Trojan.
The company said its risk analysis teams have also found an increase in the number of countries where financial institutions are being targeted by fraudsters using SpyEye, based on findings from the Trusteer Situation Room and its anomaly detection service Pinpoint.
By looking at the monthly findings from the SpyEye command and control centers, Trusteer's risk analysis team discovered that 60 percent of the SpyEye bots target financial institutions in the US.
This is followed by the UK with 53 percent, Canada with 31 percent, Germany 29 percent, and Australia 20 percent.
The percentage of SpyEye bots targeting Canadian banks more than doubled from 14 percent in May to 31 percent in June.
Other destinations that are included in more than 10 percent of SpyEye bots include Italy, Ireland, UAE, Spain, Costa Rica, France, Turkey, India, Jordan, Russia, and Portugal, and continues to expand in more countries.
In May, SpyEye added targets in the Middle East including Saudi Arabia, Bahrain and Oman, and in June, attacked financial institutions in Venezuela, Belarus, Ukraine, Moldova, Estonia, Latvia, Finland, Japan, Hong Kong and Peru. Russia is also a relatively new addition to the target list, said the company.
Trusteer also points out that the fraud patterns used by SpyEye differ from that of popular financial malware, Zeus, by using code that goes undetected by transaction monitoring systems.
SpyEye seems to follow Agile software development practices using flexible coding, enabling developers to quickly roll out new versions by modifying the program code itself.
Over the past 18 months, developers of the malware have been effectively merging it with that of the older Zeus code.
Trusteer has covered SpyEye a few times before in its blog, including in a report last October.
In this latest report, the company recommends that financial institutions monitor development in the SpyEye toolkit, and in particular, pay close attention to SpyEye attack vectors that target their brand and other financial institutions.
The company said this information from the process should be included in the financial institution's security controls such as anomaly detection and endpoint protection.
It also said that US banks will incorporate real-time threat intelligence and anomaly detection from services like Trusteer Situation Room and Trusteer Pinpoint under the updated FFIEC Guidance for online banking security.
Article Source http://www.thewhir.com/web-hosting-news/072711_Trusteer_Report_Shows_US_UK_Canadian_Banks_Most_Targeted_by_SpyEye_Trojan permits to republish here
The company said its risk analysis teams have also found an increase in the number of countries where financial institutions are being targeted by fraudsters using SpyEye, based on findings from the Trusteer Situation Room and its anomaly detection service Pinpoint.
By looking at the monthly findings from the SpyEye command and control centers, Trusteer's risk analysis team discovered that 60 percent of the SpyEye bots target financial institutions in the US.
This is followed by the UK with 53 percent, Canada with 31 percent, Germany 29 percent, and Australia 20 percent.
The percentage of SpyEye bots targeting Canadian banks more than doubled from 14 percent in May to 31 percent in June.
Other destinations that are included in more than 10 percent of SpyEye bots include Italy, Ireland, UAE, Spain, Costa Rica, France, Turkey, India, Jordan, Russia, and Portugal, and continues to expand in more countries.
In May, SpyEye added targets in the Middle East including Saudi Arabia, Bahrain and Oman, and in June, attacked financial institutions in Venezuela, Belarus, Ukraine, Moldova, Estonia, Latvia, Finland, Japan, Hong Kong and Peru. Russia is also a relatively new addition to the target list, said the company.
Trusteer also points out that the fraud patterns used by SpyEye differ from that of popular financial malware, Zeus, by using code that goes undetected by transaction monitoring systems.
SpyEye seems to follow Agile software development practices using flexible coding, enabling developers to quickly roll out new versions by modifying the program code itself.
Over the past 18 months, developers of the malware have been effectively merging it with that of the older Zeus code.
Trusteer has covered SpyEye a few times before in its blog, including in a report last October.
In this latest report, the company recommends that financial institutions monitor development in the SpyEye toolkit, and in particular, pay close attention to SpyEye attack vectors that target their brand and other financial institutions.
The company said this information from the process should be included in the financial institution's security controls such as anomaly detection and endpoint protection.
It also said that US banks will incorporate real-time threat intelligence and anomaly detection from services like Trusteer Situation Room and Trusteer Pinpoint under the updated FFIEC Guidance for online banking security.
Article Source http://www.thewhir.com/web-hosting-news/072711_Trusteer_Report_Shows_US_UK_Canadian_Banks_Most_Targeted_by_SpyEye_Trojan permits to republish here
<<<<<<<<<<<<<
Click Most Updated Discount Coupon Codes & My Personal Web Hosting Recommendations
Click http://nightwishmarketing.web.officelive.com/WebHosting.aspx
Stay Tuned!
Click http://nightwishmarketing.web.officelive.com/WebHosting.aspx
Stay Tuned!
<<<<<<<<<<<<