Online banking trojans target Chrome and Opera
The latest version of the SpyEye trojan reportedly includes new capabilities that specifically target Windows users running Google Chrome or the Opera web browser. According to a blog post by security blogger Brian Krebs, these include new "form grabbing" capabilities that can collect data entered into web forms by victims, including credit card or account information used for online banking, as well as the URL for the site they are visiting, before it can be encrypted.
Trojans like ZeuS and SpyEye have been able to log a victim's every keystroke for some time; however, this results in a large amount of extraneous data which can take time to filter through. By specifically targeting forms for credit card information or online account credentials, it makes it easier for attackers to get the information they want, and ignore what they have no use for.
Krebs notes that, while form grabbing against Internet Explorer and Firefox has been possible for some time, this is the first time that he has seen any major banking trojans specifically target Chrome and Opera users in this way. For now, it seems that using a browser with a smaller market share doesn't mean that it makes a user any less of a target for cyber criminals.
Available from underground cybercrime forums, SpyEye is modular, allowing attackers to build and customise it for a specific campaign or goal. Using the toolkit, criminals only need to click a few buttons in the SpyEye Builder; programming skills are not required.
- Zeus trojan adds fake investment adverts, a report from The H.