The Computer Emergency Response Team of India (CERT-In) has warned of a new trojan targeting online banking customers. Dubbed ‘Dyreza’, the new banking Trojan mainly targets users of famous financial institutions powered by Microsoft Windows OS.
PTI cited the CERT-In advisory as saying: "It propagates by using social engineering techniques or by means of spam messages pretending to be genuine mail received from financial institution containing either a zip or pdf as an email attachment exploiting the vulnerability in unpatched versions of Adobe Reader to download the malware. The zip contains a self executing malware which installs itself on the target system on being extracted."
According to the agency, once a banking customer receives spam mail the Trojan ‘entices’ them to download and extract the zip file, which then starts stealing data.
Malware mainly targets users by initially inserting malicious code in the web browsers such as Chrome, Firefox, Internet Explorer, and then steals credentials as soon as infected user visits any of the banking sites.
Users are advised to organise email servers to block or eliminate emails with file attachments such as vbs, bat, exe, pif and scr files, and prioritise their Internet and local intranet security zone settings to high and keep off accounts following false login efforts.
The advisory added: "Limit or eliminate the use of shared or group accounts, do not visit untrusted websites, enable firewall at gateway or desktop level, do not download or open attachment in emails received from untrusted sources or unexpectedly received from trusted users and install and scan anti-malware engines and keep them up-to-date."
