IBM Trusteer, part of the IBM group, has found a malware toolkit that assumes control over a user’s keyboard and mouse. Designed specifically for the banking sector, it conducts fraudulent payments without the user’s knowledge.
The malware, known as KL-Remote, is able to bypass such security measures as passwords. It tricks a number of detection tools, as they assume that the fraud is carried out from the hacker’s device as opposed to the victim’s.
It is installed once the computer has been infected, and includes a number of pre-determined bank URLs.
After the user has clicked one of the URLs, the toolkit notifies the hacker, whom is then able to begin a phishing process. The user sees a pop-up message that looks exactly like the bank’s login design and retrieves the user’s details.
IBM Trusteer’s Ori Bach said on his blog that such toolkits make a larger pool of victims available to hackers, commenting:
“With the toolkit, a criminal with basic technical skills can perform high-end fraud attacks that can circumvent strong authentication. Furthermore, the ability to embed the toolkit in types of common malware greatly increases its availability and reach.
“Banking fraud is no longer just the domain of sophisticated cyber criminals.”
There seems to be no company or sector free from a potential hack, but that doesn’t mean businesses shouldn’t do all that they can to protect themselves. Trained security personnel are capable of preventing attacks that could ruin a business and its reputation. It is clear that opening and filling cyber security jobs needs to be a priority in this day and age.
Send us your CV and have our recruiters match you to the ideal opportunities
Do you already have an account with us?
Log inWant to have an account with us?
RegisterWant to just send us your CV?
By submitting your registration and CV to us you are agreeing to join our database and to be contacted about relevant jobs industry communications. Please read our terms of business for more information.