New Trojan Targets Online Banking

Jun 17, 2014

Dyreza malware launches a man-in-the-middle attack that compromises SSL.

Danish security experts at CSIS have discovered a new malware tool that targets online banking. The Dyreza trojan is launched from a phishing email message that includes a zipped document. Unzipping the attachment delivers the malware to the user's system.
According to CSIS, once the trojan is installed, it can circumvent SSL security, reading the user's encrypted SSL sessions in a man-in-the-middle attack. The attacker is thus able to hijack remote banking sessions. Peter Kruse, security specialist with CSIS, reports that the confirmed target list includes Bank of America, NatWest, Citibank, RBS, and Ulster Bank – other banks might also be affected. 

Related content

comments powered by Disqus
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters

Support Our Work

Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

Learn More