Security experts have warned banks and their customers to be on their guard after discovering a new Trojan designed to hijack online sessions and keep them open after users believe they have logged off.
The OddJob Trojan was discovered by security firm Trusteer, and is designed to siphon off funds from online bank accounts. The malware features several interesting elements which make it particularly noteworthy.
For example, it is able to intercept communications through the browser, allowing it to steal, inject or terminate user sessions. It can also perform different actions on certain web sites depending on its configuration.
Trusteer chief technology officer Amit Klein wrote in a blog post that OddJob can hijack the session ID token used by banks to authenticate users, allowing hackers to impersonate a legitimate customer.
OddJob also allows hackers to bypass the log-out request that terminates an online session, meaning that they can stay logged in while the user believes the session has ended.
"The most interesting aspect of this malware is that it appears to be a work in progress, as we have seen differences in hooked functions in recent days and weeks, as well as the way the command and control protocols operate," wrote Klein.
"We believe that these functions and protocols will continue to evolve in the near future, and that our analysis of the malware's functionality may not be 100 per cent complete as the code writers continue to refine it."
OddJob has been spotted so far in the UK, US, Poland and other countries.
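The two behaviours described above, a stolen session ID token and a log-out request that never reaches the bank, can be looked for in server-side request logs. The following Python is an added example, not taken from Trusteer's analysis: the log fields, paths, session IDs, addresses and the 30-minute lifetime cap are constructed assumptions, and it assumes a stolen token is replayed from a different client.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample records (not real bank logs):
# (timestamp, session ID, client IP, user agent, request path)
SAMPLE_LOG = [
    ("2024-01-01T10:00:00", "sess-A", "198.51.100.7", "UA-1", "/login"),
    ("2024-01-01T10:05:00", "sess-A", "198.51.100.7", "UA-1", "/balance"),
    ("2024-01-01T10:06:00", "sess-A", "203.0.113.9", "UA-2", "/transfer"),
    ("2024-01-01T11:30:00", "sess-A", "203.0.113.9", "UA-2", "/transfer"),
    ("2024-01-01T10:00:00", "sess-B", "192.0.2.44", "UA-1", "/login"),
    ("2024-01-01T10:04:00", "sess-B", "192.0.2.44", "UA-1", "/balance"),
    ("2024-01-01T10:05:00", "sess-B", "192.0.2.44", "UA-1", "/logout"),
]


def find_suspect_sessions(records, max_lifetime=timedelta(minutes=30)):
    """Return {session_id: sorted list of reasons} for sessions worth reviewing."""
    sessions = defaultdict(list)
    for ts, sid, ip, agent, path in records:
        sessions[sid].append((datetime.fromisoformat(ts), (ip, agent), path))

    findings = {}
    for sid, events in sessions.items():
        events.sort(key=lambda e: e[0])
        reasons = set()
        # One token presented by more than one client fingerprint.
        if len({client for _, client, _ in events}) > 1:
            reasons.add("multiple_clients")
        logout_times = [t for t, _, p in events if p == "/logout"]
        if logout_times:
            # A request after the logout means the token was not invalidated.
            if any(t > logout_times[0] for t, _, _ in events):
                reasons.add("used_after_logout")
        elif events[-1][0] - events[0][0] > max_lifetime:
            # No logout ever reached the server and the session outlived the cap.
            reasons.add("long_lived_without_logout")
        if reasons:
            findings[sid] = sorted(reasons)
    return findings


if __name__ == "__main__":
    for sid, reasons in find_suspect_sessions(SAMPLE_LOG).items():
        print(sid, reasons)
```

A suppressed log-out is invisible to the server by itself, which is why the check relies on a lifetime cap rather than on the missing request.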