Websites concealing malicious Trojan code are increasing in number faster than ever before, a security firm has warned.
Websense Security Labs reported that a high percentage of malicious sites contain so-called Trojan horse downloaders, and banking Trojans designed to create backdoors through which personal data can be sent to hackers.
Downloaders are placed on a PC to download a banking Trojan which may contain key-logging software to record passwords.
Once installed the key-logging software is used to monitor the behaviour of a user in the hope of catching keystrokes when they enter a banking or e-commerce site.
When this occurs the software captures the details and sends them through HTTP or SMTP, sometimes even including encryption.
In the first two weeks of July Websense said it detected 100 malicious websites and 100 unique Trojan horses.
Mark Murtagh, technical director at Websense, said: "This problem is going to get worse. There are now clearly demonstrated links to organised crime in the UK, eastern Europe and Russia.
"They know that this is a lot easier than breaking into banks. One recent scam netted them £6m."
Websense has listed some common characteristics of Trojan horse downloaders:
- Commonly use free hosting services
- Commonly use email and social engineering (emails with believable messages relating to your normal activities or fears)
- Most often use entertainment or IT security related deception techniques
- Most commonly use URLs that are using .scr, .exe, .jpg.exe, .gif and .ex extensions
And, yep, it'll run Android rather than RiscOS
US engineering giant's cost-cutting outsourcing plan is on the rocks, according to insiders
HP Envy X2 laptop only affordable if you've got loadsamoney
Counterfeit code-signing certificates enabling hackers to hide malware being sold by cyber criminals
Certificates can be used as part of layered obfuscation to evade detection by anti-virus software