Experts are warning about a Trojan horse that targets users of online banking services and can redirect money transfers to the attacker's account without the user's knowledge.
According to Symantec Corp., a major computer security company, the Trojan, named Silentbanker, was first found in the United States late last year.
Although serious damages have not been reported and no Japanese banks had confirmed problems as of the end of January, experts say there are no measures against the Trojan horse once it is activated.
Silentbanker intercepts online banking transactions made on infected computers and redirects them to the attacker's bank account. The customer is provided details of what is expected so that he or she proceeds with what looks like a valid transaction.
The virus can target transactions with more than 400 banks in the world as it downloads a configuration file that contains the domain names of those banks.
The file configures the initial settings for computer programs.
With its great attack capability and the ability of circumvent two-stage authentication processes, the Trojan can break through security measures and intercept traffic between the customer and the bank.
Silentbanker's ability to spread is rather low, which likely accounts for the limited number of reports of damages across the world.
However, if a variation of the Trojan is created so that it replicates itself and becomes a full-fledged computer virus, Silentbanker could spread rapidly, experts said.
source: http://www.asahi.com/english/Herald-asahi/TKY200803040082.html