CCA new virus has been detected that targets banking details. Dubbed ‘neverquest’ it breaks new ground in terms of its reach and the potential damage it can do.

Apparently, it can break into the accounts of about 100 different banks and uses just about every trick in the hacker’s handbook to do so. Moreover, there’s a widespread belief within the industry that it could do a lot of damage and potentially infect millions of vulnerable computers.

 

 

Twin malware track attack

One method it adopts is to steal passwords associated with different web sites. By using the stolen passwords it plants malicious code on these websites.  People visiting the infected websites could then potentially be infected by clicking on a code-loaded link within the web site.  When this happens the malware then uses different techniques to infect the user’s computer.

Once in, it begins harvesting banking details such as user names and passwords which are sent directly to the cyber crooks.  They then aim to go directly to the bank and transfer money from the compromised accounts to the accounts they’ve set up to gather the cash.

It also has another modus operandi – lifting contact information from an infected user’s email account.  The information is then gathered up and used to send out mass spam mailings with attachments containing malware designed to install the virus. The emails are supposedly designed to look like official notifications for a range of online services.

Malware is getting cleverer

Apparently, the code is also designed to detect when a user is on a banking web site by identifying relevant phrases such as ‘account summary’ or ‘available balance.’  The malware then sends details back to the hackers who will no doubt use it to extend their cash grab dragnet.

‘Neverquest’ was put up for sale on the deep web hacker forums back in July by its creators.  Now criminal gangs have bought it from the hackers hence its rather sudden entrance into the mainstream internet.

Online identity theft on large scale

While neverquest has just been recently detected it has apparently already attempted to infect thousands of computers. Because it uses so many attack vectors industry experts reckon it could do some serious damage in terms of online identity theft given that there are so many vulnerable computers out there.

There are claims that standard antivirus packages won’t detect it.  At BullGuard we’ve run a check and it is picked up by our antivirus software.  It uses multiple layers of detection to not only identify and stop known viruses but also detect new viruses like neverquest.  If you’re not running antivirus software, do yourself a favour and check out this link for a free BullGuard virus scan.  You could save yourself a whole world of trouble.

The Mother of all Malware does exist

On a separate note you may have read our earlier blog on a Canadian security researcher who claimed his computers were being controlled by ultrasonic sound transmitted from computer speakers and microphones.

There was much speculation as to whether this airborne malware was possible, or whether it even existed given that ‘airware’ code has never previously been discovered.

Let’s put this one to bed then. It does exist, at least as a proof-of-concept. Researchers at Fraunhofer Institute for Communication, Information Processing, and Ergonomics in Germany managed to get computers to exchange inaudible broadcasts over distances of up to 65 feet.  You can read all about it here.  Hello brave new world.

avatarWritten by Steve Bell (75 Posts)

Steve has a background in IT and business journalism and in the past has written extensively for both the UK national and trade press including The Guardian, Independent-on-Sunday, The Times, The Register, MicroScope and Computer Weekly. He's also worked for most of the world's largest IT companies in a copy and content producing capacity. He has a particular focus on IT security and has been involved in writing about the industry at various levels ranging from magazine launches to producing newsletters. He also runs a small copy writing business called Art of Words. When not bashing away at a keyboard he can sometimes be found in a boxing gym making futile efforts to keep fit or marveling at the works of Sufi poets such as Jalaluddin Rumi and Hafiz of Shiraz.


One thought on “Malware alert! A new malware that can break up to 100 banks just surfaced

  1. avatarKisha

    Pretty great post. I just stumbled upon your weblog and wished to say that I have really
    enjoyed surfing around your blog posts. In any case I will be subscribing to your rss feed and I amm hoping you write once morde soon!

    Reply

Leave a Reply

Your email address will not be published.


*